Another 13,088 current and former South Australian public servants have had their personal information stolen in a cyber attack last year.
According to SA Treasurer Stephen Mullighan, a “forensic review” by PricewaterhouseCoopers (PwC) uncovered the additional people that have had their personal data stolen, in addition to the 80,000 employees announced by the former government in November last year.
After the state government’s payroll provider Frontier Software was hacked, data which included tax file numbers and bank account details were stolen.
“The attack was perpetrated by an overseas criminal organisation on Frontier’s network and this data, amongst others, was accessed,” Mullighan said.
“After accessing this information, the perpetrators deployed ransomware to Frontier’s systems and posted some of the files to the dark web.”
Mullighan further explained that the files were “only” accessible on the dark web for less than 24 hours.
“There is no information regarding any ransom which may have been paid or how Frontier managed engagement with the overseas cyber criminals in relation to this attack,” Mullighan said.
Frontier Software has been contracted by the South Australian government since 2001 as a third-party payroll firm for the majority of public servants.
The PwC review found the additional people who had their information taken included a mix of current and former employees of SA Police, the Metropolitan Fire Service and the Department for Infrastructure and Transport, plus government executives and board members.
The discovery of the additional 13,000 employees affected by the payroll data breach takes the total number to more than 90,000.
“I am informed [that] Frontier Software have developed additional security measurers within its systems,” Mullighan said.
“A formal breach notice has been issued by the government to Frontier regarding its failure to adequately protect the information it holds for South Australian government employees.”
Reportedly more than 3,000 public servants have accessed cyber security support services in relation to the data breach.
Mullighan noted some people affected by the hack had been locked out from accessing services such as the Australian Taxation Office or their superannuation record systems because of this incident.
The PwC review cost taxpayers $420,000. The additional employees who have been enmeshed in the breach are being told this week.
Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.