Incident (Updated): Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet

Posted by Steven Kirby | May 14, 2020 | Australian InfoSec Incidents 2020, Email Phishing, New South Wales, State Government, ZDNet | 0 |

Australian Information Security Incident Reported: May 14 2020

Australian Phishing Attack April 2020: Citizen data compromised as Service NSW falls victim to phishing attack. | Updated September 2, 2020

The attack involved the illegal accessing of 47 Service NSW staff members’ email accounts.

Service NSW Statement – Service NSW cyber incident
Source: Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet
More reports from: ZDNet.

—-
Updated September 2, 2020 Service NSW still waiting to notify on data breach after four months | iTnews
Blames lengthy review process.
Service NSW is still waiting to notify customers impacted by an email compromise attack against 47 staff members more than four months after it occurred.
—-

Following reports on Thursday morning that a staff member from Service NSW clicked on a suspicious link from an email, the New South Wales government has confirmed it was the target of a malicious phishing attack.

The breach was first thought to have only affected individuals who visited a Service NSW shop front or called the state government service and that those transacting via the app or website channels were not compromised.

But in a statement Thursday afternoon, Service NSW revealed the breach, which occurred on 22 April 2020, had seen customer information held in emails accessed.

Related

About The Author

Steven Kirby

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Australian InfoSec and Cyber News

Mining at high risk of cyber security threats - Australian Mining September 26, 2020
A new survey has found that many Australian mining businesses are unprepared for and are failing to put appropriate measures in place to prevent …
Two arrested over large-scale SMS phishing scam September 26, 2020
Two Sydney men have been arrested over their alleged involvement in a large-scale SMS phishing scam that targeted the personal and financial …
NAB crowdsources cyber security with bug bounty program September 26, 2020
The National Australia Bank on Friday launched a bug bounty program in partnership with crowdsourced cyber security platform Bugcrowd to strengthen …
Tens of thousands of NSW driver's licences exposed online in major data breach September 25, 2020
The source of the breach is yet to be made public with calls for the responsible agency to own up. Source: ABC News | Duration: 1min 38sec
Draft legislation proposed by Federal Government would allow your personal data to be shared between government agencies September 25, 2020
If it sometimes seems like different arms of the government don't talk to each other, it might be because they can't. There are a raft of laws …
Only 1 in 5 Australians Say They Actually Read Their Privacy Policies September 25, 2020
This privacy policy outlines our commitment to provide quality services and our ongoing obligations to you in respect of how we manage your Personal …
Incident: Misconfigured UTAS SharePoint site exposed 20,000 students' details | iTnews - Australian Information Security Awareness and Advisory September 23, 2020
Australian Privacy Exposure: September 21 2020 Misconfigured UTAS SharePoint site exposed 20,000 students’ details Security settings allowed broad …
iTWire - Australian IT leaders spend up on security as global weekly tech spend explodes to US15 billion September 23, 2020
An extra US15 billion a week has been spent globally on technology by IT leaders to enable safe and secure home working during the first wave of the …
ACSC details "copy-paste compromise" attacks September 23, 2020
The Australian Cyber Security Centre (ACSC) has provided more details of the cyber attack in June called out by Prime Minister Scott Morisson that …
Can the Cyber Taskforce achieve its goals? September 23, 2020
Basic governance and risk management fundamentals and root causes, beyond the Taskforce’s remit, need to be addressed. The new Cyber Taskforce …
OAIC publishes PIA guidance for agencies September 23, 2020
The Office of the Australian Information Commissioner has published guidance detailing when government agencies must complete a privacy impact …
Why you shouldn't post a picture of a boarding pass on social media September 23, 2020
Security experts are repeating warnings to keep pictures of documents with personal information and barcodes — such as boarding passes and tickets — …
iTWire - How do you securely provide access to your data for the people who ought to access it? September 22, 2020
iTWire asked a number of IT security executives for their best thoughts on secure data access in this unusual distributed world we're in. Here's what …
Anglicare Sydney says 17GB data transmitted to 'remote location' after attack September 21, 2020
Anglicare Sydney has revealed 17GB of its data was transmitted “to a remote location” after a ransomware attack but claims “there is no current …
Researchers show successful myGovID code replay attack September 21, 2020
Two security researchers are warning Australians not to use myGovID as they say the login system contains an implementation flaw that could lead to …

Click on the image for more

Mining at high risk of cyber security threats - Australian Mining
A new survey has found that many Australian mining businesses are unprepared for and are failing to put appropriate measures in place to prevent … Read more »
Published: September 26, 2020 - 11:09 am
Two arrested over large-scale SMS phishing scam
Two Sydney men have been arrested over their alleged involvement in a large-scale SMS phishing scam that targeted the personal and financial … Read more »
Published: September 26, 2020 - 11:09 am
NAB crowdsources cyber security with bug bounty program
The National Australia Bank on Friday launched a bug bounty program in partnership with crowdsourced cyber security platform Bugcrowd to strengthen … Read more »
Published: September 26, 2020 - 11:06 am
Tens of thousands of NSW driver's licences exposed online in major data breach
The source of the breach is yet to be made public with calls for the responsible agency to own up. Source: ABC News | Duration: 1min 38sec Read more »
Published: September 26, 2020 - 7:51 am
Draft legislation proposed by Federal Government would allow your personal data to be shared between government agencies
If it sometimes seems like different arms of the government don't talk to each other, it might be because they can't. There are a raft of laws … Read more »
Published: September 25, 2020 - 12:19 pm
Only 1 in 5 Australians Say They Actually Read Their Privacy Policies
This privacy policy outlines our commitment to provide quality services and our ongoing obligations to you in respect of how we manage your Personal … Read more »
Published: September 25, 2020 - 12:09 pm
Incident: Misconfigured UTAS SharePoint site exposed 20,000 students' details | iTnews - Australian Information Security Awareness and Advisory
Australian Privacy Exposure: September 21 2020 Misconfigured UTAS SharePoint site exposed 20,000 students’ details Security settings allowed broad … Read more »
Published: September 24, 2020 - 7:23 am
iTWire - Australian IT leaders spend up on security as global weekly tech spend explodes to US15 billion
An extra US15 billion a week has been spent globally on technology by IT leaders to enable safe and secure home working during the first wave of the … Read more »
Published: September 23, 2020 - 5:47 pm
ACSC details "copy-paste compromise" attacks
The Australian Cyber Security Centre (ACSC) has provided more details of the cyber attack in June called out by Prime Minister Scott Morisson that … Read more »
Published: September 23, 2020 - 10:16 am
Can the Cyber Taskforce achieve its goals?
Basic governance and risk management fundamentals and root causes, beyond the Taskforce’s remit, need to be addressed. The new Cyber Taskforce … Read more »
Published: September 23, 2020 - 10:15 am
OAIC publishes PIA guidance for agencies
The Office of the Australian Information Commissioner has published guidance detailing when government agencies must complete a privacy impact … Read more »
Published: September 23, 2020 - 10:12 am
Why you shouldn't post a picture of a boarding pass on social media
Security experts are repeating warnings to keep pictures of documents with personal information and barcodes — such as boarding passes and tickets — … Read more »
Published: September 23, 2020 - 10:05 am
iTWire - How do you securely provide access to your data for the people who ought to access it?
iTWire asked a number of IT security executives for their best thoughts on secure data access in this unusual distributed world we're in. Here's what … Read more »
Published: September 23, 2020 - 9:57 am
Anglicare Sydney says 17GB data transmitted to 'remote location' after attack
Anglicare Sydney has revealed 17GB of its data was transmitted “to a remote location” after a ransomware attack but claims “there is no current … Read more »
Published: September 22, 2020 - 8:54 am
Researchers show successful myGovID code replay attack
Two security researchers are warning Australians not to use myGovID as they say the login system contains an implementation flaw that could lead to … Read more »
Published: September 22, 2020 - 8:52 am
Right or privilege? Privacy of communications on the internet
AUSCL Australian Society for Computers and law, The Allens Hub for Technology, Law & Innovation and Cyber Security CRC present a crucial online discussion on privacy in the digital age: Right or privilege? Privacy of communications on the internet Featuring: Edward Santow - Human Rights Commissioner, Australian Human Rights Commission Rachael Falk - CEO, Cyber Security CRC Professor Lyria Bennett Moses - UNSW Law and Director The Allens Hub for Technology, Law & Innovation This recording is not to be missed by anyone with an interest in privacy, rights and security online, including legal and IT professionals and academics, leaders of civil society, politicians, and policy makers. Read more »
Published: September 21, 2020 - 9:59 am
NSW digital driver's licences to get greater sway in identity proof test
The NSW government has introduced legislation that will put digital driver’s licences on equal footing with its physical counterpart, while paving … Read more »
Published: September 21, 2020 - 9:43 am
CSIRO IT contractor spared jail for mining Monero on supercomputer
A former CSIRO IT contractor has escaped jail time for using the country’s peak science and research organisation’s supercomputer to mine … Read more »
Published: September 21, 2020 - 9:42 am
Curious blogger accidentally hacks Tony Abbott's boarding pass
A tech blogger has documented how he got personal data on former Prime Minister Tony Abbott from a completely innocuous Instagram post. Alex Hope saw … Read more »
Published: September 21, 2020 - 7:55 am
Sensitive data at risk after Anglicare Sydney hit by 'malicious cyber attack'
Anglicare Sydney has confirmed that it is being held to ransom over a large amount of potentially sensitive information that has been stolen from its … Read more »
Published: September 21, 2020 - 1:24 am

Shares

Share This