Personal details of up to 80,000 government employees in SA accessed in cyber attack

The South Australian government confirmed and said that the personal data of tens of thousands of employees, potentially including the Premier, was accessed in a cyber attack.

He said Frontier, which has been providing government payroll services since 2001, was the victim of a “cyber ransomware attack” last month and the information was stolen and “posted on the dark web”.
Treasurer Rob Lucas said politicians, including Prime Minister Steven Marshall, may be among those affected.

Lucas first announced Friday that records of 38,000 government employees were stolen in a cyberattack, but confirmed the extent of the data breach on Tuesday.

The attack was carried out against Frontier Software, an outside company that has supplied payroll software to the South Australian government for the past 20 years. It affects employees working for the government as of last July, and only Ministry of Education employees are excluded from the hack.

Investigations are ongoing, but the incident is believed to involve a ransomware attack by Russian hackers that took place five weeks ago.

The stolen personal information includes – but is not limited to – employees’ first and last names, date of birth, tax file number, home address and bank account details.

Lucas apologised to employees affected saying it was a “very serious breach”

“It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees,” he said. “To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

SA Government Only Client Affected

Nick Southcombe, CEO of Frontier Software Australia, said the company notified its customers of cyberattacks last Friday.

“We are continuing to review and catalogue the data that we believe was stolen from our internal corporate environment, with a primary focus on identifying any customer data that may have been stolen,” Mr Southcombe said.

“At this point, we have only identified one customer that has been affected, being the government of South Australia, and we are communicating directly with them and providing as much assistance as we can.

“Should we identify further customers impacted by this data theft, we will reach out to them directly as soon as possible.”

Shadow treasurer Stephen Mullighan said data management is a core responsibility of the government and “it is now clear that the liberal Marshall government cannot be trusted to keep South Australian data safe.”

The SA Privacy Committee, the Office of the Australian Information Commissioner and the Australian Federal Police were notified of the incident.

Natasha Brown, acting secretary general of the Public Service Association, said the union was seeking legal advice on behalf of its members.

“The government must take full responsibility for the integrity of this very sensitive data,” Brown said. “The government might have privatised the service – but they cannot privatise their responsibility for our members’ personal sensitive data.”

“The PSA expects the government to cover any costs to members of any adverse consequences of this serious data breach – including any financial losses.”

Justin Warren, president of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this invasion of their privacy.”

“This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said.