Political vultures were circling within hours of revelations that personal information relating to some 186,000 NSW residents had been exposed in an April data breach that saw some 3.8 million documents stolen by cyber criminals.
The breach of online government agency Service NSW was announced in May, but authorities have only now released details of the breach after a four-month investigation involving the NSW Police, auditor general, and cyber security experts that confirmed some 738 gigabytes of data had been stolen after 47 staff email accounts were compromised in a phishing attack.
Service NSW has “accelerated our cyber security plans and the modernisation of legacy business processes to keep customer information as safe as possible,” the agency said, outlining a notification process by which affected citizens will be given “important information about the specific individual data accessed during the breach”.
The agency’s success in consolidating state services – both in person and online – has made it the model for broader efforts such as the federal government’s Services Australia initiative, announced late last year, and state-based efforts in
