
Incident: Queensland water supplier Sunwater targeted by hackers in months-long undetected cyber security breach | ABC News (Australia)

Australian Water Utility Hacked, 11 November 2021
Queensland water supplier Sunwater targeted by hackers in months-long undetected cyber security breach
A Queensland Audit Office report found “threat actors” had targeted an older, more vulnerable version of the system.
Related: Queensland Audit Office (QAO) Water 2021 Report finds one breach and significant control weaknesses in the security of information systems.
Source: Queensland water supplier Sunwater targeted by hackers in months-long undetected cyber security breach | ABC News (Australia)
View other incidents relating to Utilities and Queensland.
Queensland’s largest regional water supplier, Sunwater, says it was targeted by hackers in a cyber security breach that went undetected for nine months.
Sunwater has made no public comment about the incident. But it told the ABC that it took cyber security very seriously and that no financial or customer data had been pilfered.
It has been revealed that hackers left suspicious files on a webserver to redirect visitor traffic to an online video platform last year. The QAO report found “threat actors” had targeted an older, more vulnerable version of the system.
“The story here is typical: a legacy, more vulnerable system was targeted first. Whilst no critical data was stolen in this instance, with the attackers simply redirecting Web traffic, perhaps a more sophisticated bad actor would have exploited the weakness further.” –
Andrew Kay, director of Systems Engineering at sec firm Illumio