South Australia’s Treasurer says 13,088 current and former public servants more than previously thought had their personal information stolen in a cyber attack last year.
- Data from one of the South Australian government’s payroll providers was stolen in November
- That data was shared on the dark web
- The new state government says more public servants were affected than previously thought
Treasurer Stephen Mullighan told parliament on Wednesday a “forensic review” by PricewaterhouseCoopers (PwC) uncovered the additional people that had had their personal data stolen, in addition to the 80,000 employees announced by the former government last year.
The data, which included tax file numbers and bank account details, was stolen when the state government’s payroll provider, Frontier Software, was hacked in November.
“The attack was perpetrated by an overseas criminal organisation on Frontier’s network and this data, amongst others, was accessed,” Mr Mullighan said.
“After accessing this information, the perpetrators deployed ransomware to Frontier’s systems and posted some of the files to the dark web.”
Mr Mullighan said the files were “only” accessible on the dark web for less than 24 hours.
“There is no information regarding any ransom which may have been paid or how Frontier managed engagement with the overseas cybercriminals in relation to this attack,” Mr Mullighan said.
Frontier Software has been contracted by the South Australian government since 2001 as a third-party payroll firm for the majority of public servants.
The PwC review found the additional people who had their information taken included a mix of current and former employees of SA Police, the Metropolitan Fire Service and the Department for Infrastructure and Transport, plus government executives and board members.
“I am informed [that] Frontier Software have developed additional security measurers within its systems,” Mr Mullighan said.
“A formal breach notice has been issued by the government to Frontier regarding its failure to adequately protect the information it holds for South Australian government employees.”
More than 3,000 public servants have accessed cybersecurity support services in relation to the data breach.
Mr Mullighan said some had been locked out from accessing services such as the Australian Taxation Office or their superannuation record systems because of this incident.
The PwC review cost taxpayers $420,000.
Additional employees who have been enmeshed in the breach are being told this week.