Service NSW revealed the scope of email breach
Service NSW revealed the scope of email breach

Service NSW, the customer service department of NSW state has revealed that about 186,000 people have affected by the data breach that happened earlier this year. Service NSW said about 738GB worth of data from 3.8 million documents was stolen from the email accounts of 47 staff members, who had fallen to a phishing attack earlier and plans to inform everyone of those affected.

Service NSW Revealed the Scope of Email Breach

Service NSW is a one-stop-shop for all general government services for the public, existing with 101 centers across the state of NSW, Australia. It serves people with registrations of marriage, birth, death, vehicles, fair trading, payment of fines, etc.

The department has announced that about 47 of its staff members were fallen for a phishing attack earlier this year, where the data of the public may have breached.

And now, after four months if the thorough investigation, Service NSW revealed that about 3.8 million documents were stolen from the 47 email accounts, which constitute to 738GB worth of data belonging to 186,000 people! This massive trove of data consists mainly of scanned documents, transaction records, forms, and handwritten notes.

The department assured of no breach found regarding any individual MyServiceNSW accounts nor Service NSW databases and apologizes for leaking the customer data in such a way.

Damon Rees, Service NSW CEO said that some of the processes in the investigation included manual checking of tens of thousands of documents to ensure a clear and informative notification of the breach. He also said,

This rigorous first step surfaced about 500,000 documents which referenced personal information.”

The department is now planning to inform everyone of those affected via personalized postal mails, before December.

An investigation by NSW police and auditor-general of NSW is in the process of the cybersecurity defenses, systems, and education and practice of the department.
Finally, it claims to have accelerated the cybersecurity plans to keep customer data safer, and have even partnered with IDCare for cyber support.

LEAVE A REPLY

Please enter your comment!
Please enter your name here