Incident: Vic councils’ after-hours call answering service breached – iTnews
Australian Councils Ransomware Attack, 22 April 2024
Victorian councils’ OracleCMS after-hours call answering service breached
Provider, OracleCMS hacked by Lockbit with around 50 clients’ data compromised
Company Statement: OracleCMS Cyber Incident
Whitehorse City Council – Data security breach involving Oracle CMS
Manningham Council – Data cyber security incident and Manningham after hours service
Knox City Council – Cyber security incident
Yarra City Council – CYBER SECURITY INCIDENT
Lot’s more but you get the idea…
Source: Vic councils’ after-hours call answering service breached – iTnews
View more incidents relating to ransomware, Local Government, Managed Service Providers.
The personal details of thousands of individuals and data held by a number of public institutions have been posted online after a call centre operator was hacked by an infamous ransomware gang.
The provider, OracleCMS, acknowledged the incident and said that “a portion” of its data was accessed and leaked online. OracleCMS operates call centres for a number of clients across Sydney, Melbourne, Brisbane, Perth and Adelaide
“Available evidence suggests that the impacted data is limited to corporate information, contract details, invoices, and triage process workflows,” OracleCMS said.
“Any personal information, if present, is anticipated to be basic contact information as appears in contracts and invoices.
“We are advised that this data presents a low risk of misuse.”
In a folder labelled “Clients”, there are more than 50 folders for organisations, ranging from local councils to aged-care services. More than a dozen local councils are on the list, including Campbelltown Council, Tweed Shire Council, Yarra City Council and Dandenong City Council. Other OracleCMS clients listed in the leak include several law firms, a popular real estate agent, and the Queensland branch of the Philadelphia Church of God.
Lockbit is widely regarded as one of the biggest ransomware operators in the world, and was responsible for nearly 20 per cent of all reported Australian ransomware attacks from 1 April 2022 to 31 March 2023.
