Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Australia Crime Government Security

Data on Tens of Thousands of South Australian Government Employees Breached in Ransomware Attack (abc.net.au) 20

"Russian hackers have stolen and published the personal data of tens of thousands of employees..." reports the Australian Financial Review.

Government officials have confirmed the breach — part of a ransomware attack — and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster: The government said the records of at least 38,000 employees, but potentially up to 80,000 workers, have been accessed in a cyber-attack on external payroll software provider Frontier Software. The data includes names, dates of birth, tax file numbers, home addresses, bank account details, remuneration and superannuation contributions... Treasurer Rob Lucas said politicians, including Premier Steven Marshall, could be among those affected.
The treasurer added the breach potentially impacted "The highest of the high to the lowest of the low and all of the rest of us in between." Except for schoolteachers, and the Department of Education, who did not use Frontier's software.

The website publishing the 3.75 gigabytes of data claimed it was just 10% of the total amount, according to the Australian Financial Review, which "understands Russian organised crime group Conti, which claimed credit for launching the cyberattack on Queensland's energy network CS Energy, published the information." Australian Payroll Association chief executive Tracy Angwin said the hack was a wake-up call to employers using remotely accessed payroll systems to ensure they were secure...

Frontier Software said the hacker responsible for the incident was known to employ a "double extortion" strategy, which included encrypting systems and stealing the data.

In another report, Bleeping Computer describes Conti as "a long-lived Ransomware as a Service operation" that "still manages to evade prosecution even after high-profile incidents against vital national resources such as Ireland's Department of Health." The gang is believed to be behind the recent revival of the notorious Emotet botnet, which could lead to a massive new wave of ransomware infections. This week, Conti took responsibility for the attack against Nordic Choice Hotels, a Scandinavian hotel chain with 200 properties.
Thanks to Macfox (Slashdot reader #50,100) for tipping us off to the news.
This discussion has been archived. No new comments can be posted.

Data on Tens of Thousands of South Australian Government Employees Breached in Ransomware Attack

Comments Filter:
  • by dwywit ( 1109409 ) on Saturday December 11, 2021 @07:03PM (#62070799)

    38K + identity thefts will mean a big lawsuit.

    I used to work for a local govt. We used an AS400 for nearly all operations - rates, water, sewage, etc - and in-house payroll, i.e. it was written and maintained by the in-house programmers (and me, to a small extent).

    In RPG.

    Hack that.

    • AS/400 is a fascinating architecture. Good luck with ransomware and virus laden usb drives against a dumb terminal.

    • I am relatively middle-aged in my software development years. Neither the bitter vet who remembers punch cards not the hip web devs of this generation.

      I studied at a community college taking all the classes I could and learned on an AS/400 a good bit. My first internship was an insurance company that used one and at the time, fewer students were becoming proficient at it. I actually really enjoyed it and found many of the languages like RPG rather perfectly suited. I feel like this was an age of minimalisti

  • by niftydude ( 1745144 ) on Saturday December 11, 2021 @07:20PM (#62070819)

    and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster.

    Australia is a country. South Australia is a state. Australia has premiers for all their states. Think of South Australia as the Wisconsin of Australia.

    • by mjwx ( 966435 )

      and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster.

      Australia is a country. South Australia is a state. Australia has premiers for all their states. Think of South Australia as the Wisconsin of Australia.

      I'm not sure what Wisconsin did to deserve that insult.

  • Americans helped (Score:4, Interesting)

    by Anonymous Coward on Saturday December 11, 2021 @09:03PM (#62070921)

    I had alerts for a brute force attack on our (.au) infrastructure strangely from Microsofts Azure in the USA, i filled out their abuse form, every single requirement, even had packet captures, Microsoft said...

    "The activity reported is associated with a customer account within the Microsoft Azure service. Microsoft Azure provides a cloud computing platform in which customers can deploy their own software applications. Customers, not Microsoft, control what applications are deployed on their account. "
    Ticket Closed

    so if you want to attack servers for anything, use Azure, the platform of choice for malware and abuse

  • Username: root

    Password: 123

  • How can anyone protect the data if government has taken away all the guns? Of course they got hacked.

Truly simple systems... require infinite testing. -- Norman Augustine

Working...