South Australian Premier Steven Marshall has reassured residents that no data was compromised after the state’s contact tracing app was hacked.
“There has been no hacking or compromise of data on the mySA GOV app, and there has been no compromise of data that we use for our COVID check-in,” he told reporters.
“What we did have was a very swift response from the people in the IT section of the Department of Infrastructure and Transport (DIT),” he added. “They locked down the system.”
The premier said the team saw the hack “coming in very quickly,” and the system was shut down within seconds.
Last week, the DIT revealed that several user accounts had been accessed by a third party, who obtained the passwords while hacking a separate website.
The DIT said there was no evidence of unauthorised transactions on the mySA GOV accounts and that the hacked accounts were blocked.
Further, all affected accounts were notified of the hack and told to change their password.
“It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts,” the DIT added.
Marshall said there were thousands of attempted hacks targeting government portals each week.
“People need to be vigilant,” he said.
Concerns have emerged in recent months over the lack of protection around data collected by contact tracing apps.
South Australia is currently trialling a home quarantine app that will become the national model if deemed successful.
Residents entering home quarantine are required to download the Quarantine SA app and will need to “check-in” with the app at random intervals during their quarantine period of two weeks.
Users have just 15 minutes to respond to a random check-in notification (in Western Australia, this is just five minutes) by scanning their faces.