
Incident (Updated): Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet

Australian Information Security Incident Reported: May 14 2020
Australian Phishing Attack April 2020: Citizen data compromised as Service NSW falls victim to phishing attack. | Updated September 2, 2020
The attack involved the illegal accessing of 47 Service NSW staff members’ email accounts.
Service NSW Statement – Service NSW cyber incident
Source: Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet
More reports from: ZDNet.
—-
Updated September 2, 2020 Service NSW still waiting to notify on data breach after four months | iTnews
Blames lengthy review process.
Service NSW is still waiting to notify customers impacted by an email compromise attack against 47 staff members more than four months after it occurred.
—-
Following reports on Thursday morning that a staff member from Service NSW clicked on a suspicious link from an email, the New South Wales government has confirmed it was the target of a malicious phishing attack.
The breach was first thought to have only affected individuals who visited a Service NSW shop front or called the state government service and that those transacting via the app or website channels were not compromised.
But in a statement Thursday afternoon, Service NSW revealed the breach, which occurred on 22 April 2020, had seen customer information held in emails accessed.