Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Transport for NSW online AIS app hacked

Transport for NSW has confirmed its Authorised Inspection Scheme (AIS) online application had been impacted by a cyber attack in early April, outlining that an unauthorised third-party accessed a “small number” of user accounts in the AIS app.

user iconReporter
Thu, 05 May 2022
Transport for NSW online AIS app hacked
expand image

The AIS authorises examiners to inspect vehicles to ensure a minimum safety standard. To become an authorised examiner, online applications need to be submitted and requires applicants to share personal details including their full name, address, phone number, email address, date of birth, and driver’s licence number.

According to Transport for NSW, the incident saw an unauthorised third-party successfully access a “small number of the application’s user accounts.

“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack, Transport for NSW said.

“Scammers may try to capitalise on these events. Customers should not respond to unsolicited phone calls, emails or text messages from anyone claiming to be from Transport for NSW related to any security matter.

Transport for NSW added that it is notifying affected examiners individually and will provide options to help them avoid further impacts from the incident.

Additionally, security measures have also been put in place, Transport for NSW assured, and highlighted monitoring of the application continues.

This latest breach comes just over a year after Transport for NSW said it was being impacted by a cyber attack on a file transfer system owned by Accellion.

The Accellion system was widely used to share and store files by organisations around the world, including Transport for NSW.

At the end of last year, the states Auditor-General Margaret Crawford found none of NSWs lead cluster agencies, including Transport, had implemented all Essential Eight controls, which was a cause for significant concern.

The auditor-general wrote that the key elements to strengthen cyber security governance, controls, and culture are not sufficiently robust and not consistently applied, in a compliance report about the states cyber security capabilities.

“There has been insufficient progress to improve cyber security safeguards across NSW government agencies, Crawford wrote.

[Related: Pegasus spyware targets Spanish PM, defence minister]

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.