Transport for NSW affected by Accellion breach


By Dylan Bushell-Embling
Friday, 26 February, 2021


Transport for NSW affected by Accellion breach

Transport for NSW has warned it has been caught up in the cyber attack on a file transfer system operated by secure file sharing company Accellion.

The compromise of the Accellion system in December led to some Transport for NSW information being stolen by the attackers, the agency warned.

An ongoing forensic investigation has determined that the breach was limited to Accellion servers and no other Transport for NSW systems have been affected, including any driver’s licence information.

But the extent of the breach is still being determined, with the investigation focused on identifying risks to customer information. The agency said it plans to ensure that any notification process for those affected will be clearly communicated and secure.

“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” the agency said in an advisory.

“Cyber Security NSW is managing the NSW Government investigation with the help of forensic specialists. We are working closely with Cyber Security NSW to understand the impact of the breach, including to customer data.”

The agency warned that scammers may seek to capitalise on the compromised information. “Customers should not respond to unsolicited phone calls, emails or text messages from anyone claiming to be Transport for NSW related to any security matter,” the advisory states.

Auth0 GM for APAC Richard Marr said a number of Australian organisations have been subjected to attacks since the emergence of the Accellion data breach in December.

“As public users and consumers give more of themselves away online to access digital services, they expect that their data is safe. With the complexity of today’s attacks, one tactic alone is not enough,” he said.

“As credential-related attacks rise, it is up to organisations to prioritise cybersecurity awareness training, utilise password managers and multi-factor authentication, invest in proactive threat detection, [and] look for customisable security solutions.”

Image credit: ©stock.adobe.com/au/HPW

Related Articles

Combating financial crime with AI

Rapid digital transformation across Australia and New Zealand has provided cybercriminals with...

Learning from the LockBit takedown

An international taskforce has seized the darknet sites run by LockBit, but relying on law...

How the tech giants are embracing a secure future with passkeys

The inadequacies and immense risks associated with traditional passwords and legacy...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd