More than 2,000 SA driver’s licenses were compromised in a cyberattack that uncovered passwords to mySA GOV accounts.
mySA Gov is the South Australian government's online platform that provides residents to access all state services with a single account, such as checking into a venue or completing transactions for vehicle registration.
The department of Infrastructure and Transportation said attackers gained access to these accounts as account holders used the same or a similar password for their mySA Gov account as they had used for their account with an unrelated website. However, the department did not provide details regarding the unrelated website.
The hackers secured access to 2,601 mySA Gov accounts, 2,008 of which contained registration and licensing details, ABC reported.
The government said there is “no evidence” of any unauthorized transactions on the compromised accounts, but is taking necessary precautions to mitigate further risks. It includes blocking the compromised accounts, informing the victims regarding the breach, urging all impacted account holders to change their driver's license number by attending a Service SA Centre.
"It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts This is a timely reminder to all mySA Gov account holders and South Australians more generally to always set complex passwords and do not use the same password for more than one account," the Department for Infrastructure and Transport said in a statement.
Fortunately, the hack does not relate to the mySA GOV app currently used for COVID check-ins, Chris McArdle from the department told David & Will on FIVEaa Breakfast. “There is no compromise or connection to that for this incident. That’s really important for the community to understand that the COVID safe check-in that is part of that app is completely unaffected and all the data that is associated with that is still safe and secure… none of that has been affected.”
According to the Cost of a Data Breach Report 2021, published by IBM Security, the total global cost of data breaches in public sectors surged nearly 79% between 2020 and 2021. That’s a total average data breach cost of $1.93 million. It reflects that governments are facing an uphill battle to combat the growing surge of cyber espionage and extortion.