Dec 10, 2021
0 0

Data breach impacts 80,000 South Australian govt employees

Written by

ALPHV BlackCat – This year’s most sophisticated ransomware
SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugs
Windows ‘InstallerFileTakeOver’ zero-day bug gets free micropatch
Cox discloses data breach after hacker impersonates support agent
Phishing attacks use QR codes to steal banking credentials
Volvo Cars discloses security breach leading to R&D data theft
Minecraft rushes out patch for critical Log4j vulnerability
Australian govt raises alarm over Conti ransomware attacks
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
Data breach impacts 80,000 South Australian govt employees
The South Australian government has disclosed that the sensitive personal information belonging to tens of thousands of its employees was compromised following a ransomware attack that hit the system of an external payroll software provider last month.
The number of records accessed by hackers corresponds to at least 38,000 SA government employees, but it could be as high as 80,000 according to South Australia’s Treasurer Rob Lucas.
The breached company behind this data breach is Frontier Software, which suffered from a ransomware attack on November 13, 2021.
According to the company’s statement on the incident, the threat didn’t pivot to client systems through their products and the data exfiltration only affected a specific segmented environment.
“The ongoing forensic investigation and other response activities conducted by Frontier Software and CyberCX has now confirmed evidence of some data exfiltration from Frontier Software’s internal Australian corporate environment,” the company said
“We have not identified evidence of compromise or exfiltration outside this segmented environment.”
The data that has been compromised according to the South Australian government includes the following:
The only public entity that wasn’t affected by the incident is the Department for Education, which does not use Frontier products.
“The highest of the high to the lowest of the low and all of the rest of us in between are potentially impacted, with the exception of teachers and the Department for Education,” Lucas told ABC News after disclosing the data breach. 
“Having the bank account details doesn’t give you access to the bank account, but it’s the first step in trying to crack a code in terms of passwords.
“We expect the state government to take all possible steps to review its cyber security measures in order to prevent such an event in the future.”
Government employees affected by this incident are advised to treat incoming emails, calls, and SMS with caution. Additionally, everyone should reset their passwords and activate two-factor authentication where possible.
Affected individuals should closely monitor bank statements and account activity and report any suspicious transactions to the authorities. Exposed people can take advantage of a free IDCARE cyber-security support service offering, following the instructions laid out on the incident announcement on the SA government website.
Bleeping Computer has seen an announcement on Conti ransomware’s data leak portal dated November 16, 2021, which matches the attack details shared by Frontier Software in their statement.
However, the listing has since been removed from the portal, which probably means the negotiations have ended.
Conti, a long-lived Ransomware as a Service (RaaS) operation, still manages to evade prosecution even after high-profile incidents against vital national resources such as Ireland’s Department of Health.
The gang is believed to be behind the recent revival of the notorious Emotet botnet, which could lead to a massive new wave of ransomware infections.
This week, Conti took responsibility for the attack against Nordic Choice Hotels, a Scandinavian hotel chain with 200 properties.
Australian govt raises alarm over Conti ransomware attacks
Volvo Cars discloses security breach leading to R&D data theft
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Planned Parenthood LA discloses data breach after ransomware attack
Marine services provider Swire Pacific Offshore hit by ransomware
Not a member yet? Register Now
New zero-day exploit for Log4j Java library is an enterprise nightmare
Malicious Notepad++ installers push StrongPity malware
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


Article Categories:
Cybersecurity News

Comments are closed.