UPDATED 21:10 EST / SEPTEMBER 07 2020

SECURITY

186,000 customer records stolen from Australian state government in phishing attack

A trove of data relating to 186,000 customers of an Australian state government agency has been stolen in an attack that targeted employee email accounts.

The attack, reported today, involved Service NSW, an arm of the New South Wales government that provides one-stop access to government services. The theft took place in April and comprised 738 gigabytes of data consisting of 3.8 million documents.

Those documents included handwritten notes and forms, scans and records of transaction applications. Approximately 500,000 documents contained personally identifiable information, including drivers licenses, firearms registration, working with children checks, birth certificates, credit card details and medical records. Notably, the data is said to have involved transactions made over the phone or over the counter at Service NSW centers.

The attack was described only as an “email compromise attack,” with the accounts of 47 staff compromised. Earlier reports said the attack first came to light when a staff member clicked on a suspicious link in an email, suggesting that the likely path of compromise was a phishing campaign of some sort, possibly a so-called spear-phishing campaign targeted specifically at employees of the agency.

Police are said to be investigating, and the agency says it is in the process of notifying people affected by the attack and will provide those affected with an individual case manager if needed.

The attack occurred in April, but the NSW government was in the news for another data leak on Sept. 1, when about 54,000 NSW drivers license images were found exposed on an unsecured Amazon Web Services Inc. S3 bucket. That breach was blamed on a third-party business.

That Service NSW fell victim to a phishing attack is not all that surprising. A Sept. 2 report from email security company GreatHorn Inc. found that information technology teams are struggling to protect employees from a deluge of phishing attacks, particularly since the beginning of the COVID-19 pandemic.

The report, based on a survey of IT leaders, found that on average they were remediating 1,185 phishing attacks every month, or an average of 40 attacks per day. Only 6% of phishing attacks were found to be successful, but 36% said they were not confident that employees at their organizations would be able to spot and avoid an email phishing attack in real time.

Photo: Service NSW
