Australian Information Security Incident Reported: May 14 2020

Australian Phishing Attack April 2020: Citizen data compromised as Service NSW falls victim to phishing attack. | Updated September 2, 2020

The attack involved the illegal accessing of 47 Service NSW staff members’ email accounts.

Service NSW Statement – Service NSW cyber incident
Source: Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet
More reports from: ZDNet.

—-
Updated September 2, 2020 Service NSW still waiting to notify on data breach after four months | iTnews
Blames lengthy review process.
Service NSW is still waiting to notify customers impacted by an email compromise attack against 47 staff members more than four months after it occurred.
—-

Following reports on Thursday morning that a staff member from Service NSW clicked on a suspicious link from an email, the New South Wales government has confirmed it was the target of a malicious phishing attack.

The breach was first thought to have only affected individuals who visited a Service NSW shop front or called the state government service and that those transacting via the app or website channels were not compromised.

But in a statement Thursday afternoon, Service NSW revealed the breach, which occurred on 22 April 2020, had seen customer information held in emails accessed.