Australian state transport agency hit by cyber attack
It warned that scammers might try to capitalise on the incident and told customers not to respond to unsolicited contact from anyone claiming to be from the agency
The Australian state of New South Wales’s (NSW) transport agency, Transport for NSW, revealed today that it had been impacted by a cyber attack in early April 2022.
The attack focused on the agency’s Authorised Inspection Scheme (AIS) online application system. This is a system that authorises examiners to inspect vehicles to meet safety requirements. To do this, users must input personal details like their name, phone number, email address, driver’s licence number, and date of birth.
During the incident, an unauthorised third party successfully accessed a small number of the application’s user accounts, stated Transport for NSW. It’s notifying affected examiners individually and providing options to help them avoid further impacts from the incident.
Additional security measures were put in place and monitoring of the application is continuing, although Transport for NSW didn’t reveal what new measures were introduced.
“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” Transport for NSW said. “Scammers may try to capitalise on these events. Customers should not respond to unsolicited phone calls, emails or text messages from anyone claiming to be from Transport for NSW related to any security matter.”
The attack comes a year after Transport for NSW was impacted by a cyber attack on Accellion’s file transfer system. In February 2021, it revealed that some Transport for NSW information was taken before the attack on Accellion servers was interrupted.
The Total Economic Impact™ of Mimecast
Cost savings and business benefits enabled by using Mimecast with Microsoft 365Free download
It wasn’t the only NSW agency impacted by the Accellion attack either, as NSW Health admitted in June 2021 that its patient data was breached too. Identity information and health-related personal information were both accessed in the attack and it notified patients whose data may have been accessed as a result.
This is despite the fact that the NSW government said in May last year that it was aiming to become a world leader in cyber security as part of a new economic strategy, including the launch of a Cyber Hub and a cyber security placement programme. It released a Cyber Security Strategy to create best practice and cyber resilience techniques that can be rolled out across the tech sector.
Meeting the future of education with confidence
How the switch to digital learning has created an opportunity to meet the needs of every student, alwaysFree Download
The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana
Cost savings and business benefitsFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
Why PCaaS is perfect for modern schoolsFree Download