The NSW government has blocked access to an international file transfer company after servers at the state’s health and transport departments were among those at major organisations hacked by international cybercriminals.
Cyber Security NSW was first made aware of vulnerabilities in the Accellion File Transfer Appliance (FTA) in January and established “Strike Force Martine” with NSW police to investigate the impacts of the breach.
It confirmed that government agencies—Transport for NSW and NSW Health—were among those affected by the attack.
“An assessment of the volume and value of data and any consequences for customers or government is underway,” the statement added.
“Forensic analysis by industry specialists has established there was no third-party access to major agency systems including the Driver Licence systems, the Opal travel systems, or electronic medical records systems used by public hospitals.”
According to the NSW Inquiry into Cybersecurity, close to 80 percent of the 104,000 individuals affected were notified of the data breach through registered mail.
However, the NSW Auditor-General slammed Service NSW for not “effectively handling personal customer and business information to ensure its privacy.”
In response, CEO of Service NSW Damon Rees said the agency had begun reducing the risk of breaches by removing “all email held in the accounts of customer service staff that was over 60 days old.”
“Further controls” have been implemented to reduce further risk.
A lack of multi-factor authentication was also mentioned as a contributing factor to the breach.
According to Gizmodo, on Dec. 23, 2020, a bad actor hacked its way into Accellion’s client data via a zero-day vulnerability in its secure file transfer application.
The NSW government said that scammers may try to capitalise on these events and that customers “should not respond to unsolicited phone calls, emails or text messages related to any security matter.”