Transport for NSW affected by Accellion breach


By Dylan Bushell-Embling
Friday, 26 February, 2021



Transport for NSW affected by Accellion breach

Transport for NSW has warned it has been caught up in the cyber attack on a file transfer system operated by secure file sharing company Accellion.

The compromise of the Accellion system in December led to some Transport for NSW information being stolen by the attackers, the agency warned.

An ongoing forensic investigation has determined that the breach was limited to Accellion servers and no other Transport for NSW systems have been affected, including any driver’s licence information.

But the extent of the breach is still being determined, with the investigation focused on identifying risks to customer information. The agency said it plans to ensure that any notification process for those affected will be clearly communicated and secure.

“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” the agency said in an advisory.

“Cyber Security NSW is managing the NSW Government investigation with the help of forensic specialists. We are working closely with Cyber Security NSW to understand the impact of the breach, including to customer data.”

The agency warned that scammers may seek to capitalise on the compromised information. “Customers should not respond to unsolicited phone calls, emails or text messages from anyone claiming to be Transport for NSW related to any security matter,” the advisory states.

Auth0 GM for APAC Richard Marr said a number of Australian organisations have been subjected to attacks since the emergence of the Accellion data breach in December.

“As public users and consumers give more of themselves away online to access digital services, they expect that their data is safe. With the complexity of today’s attacks, one tactic alone is not enough,” he said.

“As credential-related attacks rise, it is up to organisations to prioritise cybersecurity awareness training, utilise password managers and multi-factor authentication, invest in proactive threat detection, [and] look for customisable security solutions.”

Image credit: ©stock.adobe.com/au/HPW

Related Articles

More Mac malware detected in 2020 than ever before

An investigation into the state of macOS malware by Atlas VPN has found that malware developed to...

Queensland opens two new cyber innovation nodes

AustCyber and the Queensland Government have collaborated to open new cybersecurity innovation...

COVID crisis led to A/NZ security spending spike

Australian and New Zealand businesses spent an additional 10–20% on cybersecurity in 2020...


  • All content Copyright © 2021 Westwick-Farrow Pty Ltd