Transport for NSW affected by Accellion breach
The compromise of the Accellion system in December led to some Transport for NSW information being stolen by the attackers, the agency warned.
An ongoing forensic investigation has determined that the breach was limited to Accellion servers and no other Transport for NSW systems have been affected, including any driver’s licence information.
But the extent of the breach is still being determined, with the investigation focused on identifying risks to customer information. The agency said it plans to ensure that any notification process for those affected will be clearly communicated and secure.
“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” the agency said in an advisory.
“Cyber Security NSW is managing the NSW Government investigation with the help of forensic specialists. We are working closely with Cyber Security NSW to understand the impact of the breach, including to customer data.”
The agency warned that scammers may seek to capitalise on the compromised information. “Customers should not respond to unsolicited phone calls, emails or text messages from anyone claiming to be Transport for NSW related to any security matter,” the advisory states.
Auth0 GM for APAC Richard Marr said a number of Australian organisations have been subjected to attacks since the emergence of the Accellion data breach in December.
“As public users and consumers give more of themselves away online to access digital services, they expect that their data is safe. With the complexity of today’s attacks, one tactic alone is not enough,” he said.
“As credential-related attacks rise, it is up to organisations to prioritise cybersecurity awareness training, utilise password managers and multi-factor authentication, invest in proactive threat detection, [and] look for customisable security solutions.”
An investigation into the state of macOS malware by Atlas VPN has found that malware developed to...
AustCyber and the Queensland Government have collaborated to open new cybersecurity innovation...
Australian and New Zealand businesses spent an additional 10–20% on cybersecurity in 2020...