Search This Blog

Powered by Blogger.

Blog Archive

Labels

Personal Details of SA Gov Employees Compromised in Frontier Software Ransomware Attack

Frontier Software suffered a ransomware attack on November 13, 2021.

 

The South Australian government has revealed that the private details belonging to tens of thousands of its employees were exfiltrated following a cyber attack that hit the system of an external payroll provider Frontier software.

According to South Australia Treasurer Rob Lucas, the payroll provider has informed the government that some of the data have been leaked on the dark web, with at least 38,000 employees and up to 80,000 government employees possibly having their data accessed. 

The stolen data contained taxation IDs of 38,000 Australian government employees, information on names, date of birth, home address, bank account details, employment start date, payroll period, remuneration, and other payroll-related details.

The government was particularly concerned regarding staff’s private data being stolen, as well as the potential for identity fraud, but there was no evidence that the information had been used by the hackers, Lucas added.

The breached firm Frontier Software suffered from a ransomware attack on November 13, 2021. The assault didn't pivot to client systems through their products and the data exfiltration only affected a specific segmented environment, the payroll provider stated. 

"To date, our investigations show no evidence of any customer data being exfiltrated or stolen. Whilst the incident resulted in some of Frontier Software's Australian corporate systems being encrypted, Australian customer HR & Payroll data and systems are segmented from the corporate systems and were not compromised," it said on November 17.

The impacted staff has been advised to treat incoming emails, calls, and SMS with caution. Additionally, everyone is advised to reset their passwords and activate two-factor authentication where possible. 

Government employees should closely monitor bank statements and account activity and report any suspicious transactions to the authorities. Exposed people can take advantage of a free IDCARE cyber-security support service offering, following the instructions laid out on the incident announcement on the SA government website.

According to Nev Kitchin, general secretary of the South Australian Public Service Association, the situation was "obviously very concerning". "We expect the state government to take all possible steps to review its cyber security measures in order to prevent such an event in the future. In the meantime, we expect the government to do everything possible to minimize the effects of this security breach and to provide the support our members need," he said.
Share it:

Data Breach

Employee Data

Ransomware attack

User Security