The South Australian government has confirmed that the state’s digital licence platform was penetrated last week, with hackers thought to have used stolen passwords to gain access.
The South Australian government has confirmed that up to 2,000 accounts on the state’s mySA GOV platform have been hacked, with the cyber criminals thought to have used stolen passwords in order to gain access to the government platform.
The state government can also confirm, though, that while the app also oversees “check-ins” for stores and venues during the pandemic, that portion of the application had not been breached as it does not require user log-in.
The Department for Infrastructure and Transport allege that the accounts had been breached because they relied on similar passwords to those used elsewhere.
“On Tuesday, the department became aware that the accounts of some customers had been accessed by a third party who used passwords obtained in the hacking of a separate, unrelated website,” the department confirmed in a statement.
“The accounts could be accessed because account holders had used the same or a similar password for their mySA GOV account as they had used for their account with the unrelated website. The hackers then used the passwords they had obtained from the unrelated website to access a number of mySA GOV accounts.”
Fortunately, the department confirmed that as of yet, there “is no evidence of any unauthorised transactions on any mySA GOV accounts”.
In response to the activity, the department has blocked the passwords of affected accounts and notified the users.
“It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts,” the department wrote.
[Related: Hackers breach one of the US’ largest ports]