Data on Tens of Thousands of South Australian Government Employees Breached in Ransomware Attack (abc.net.au) 20
"Russian hackers have stolen and published the personal data of tens of thousands of employees..." reports the Australian Financial Review.
Government officials have confirmed the breach — part of a ransomware attack — and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster: The government said the records of at least 38,000 employees, but potentially up to 80,000 workers, have been accessed in a cyber-attack on external payroll software provider Frontier Software. The data includes names, dates of birth, tax file numbers, home addresses, bank account details, remuneration and superannuation contributions... Treasurer Rob Lucas said politicians, including Premier Steven Marshall, could be among those affected.
The treasurer added the breach potentially impacted "The highest of the high to the lowest of the low and all of the rest of us in between." Except for schoolteachers, and the Department of Education, who did not use Frontier's software.
The website publishing the 3.75 gigabytes of data claimed it was just 10% of the total amount, according to the Australian Financial Review, which "understands Russian organised crime group Conti, which claimed credit for launching the cyberattack on Queensland's energy network CS Energy, published the information." Australian Payroll Association chief executive Tracy Angwin said the hack was a wake-up call to employers using remotely accessed payroll systems to ensure they were secure...
Frontier Software said the hacker responsible for the incident was known to employ a "double extortion" strategy, which included encrypting systems and stealing the data.
In another report, Bleeping Computer describes Conti as "a long-lived Ransomware as a Service operation" that "still manages to evade prosecution even after high-profile incidents against vital national resources such as Ireland's Department of Health." The gang is believed to be behind the recent revival of the notorious Emotet botnet, which could lead to a massive new wave of ransomware infections. This week, Conti took responsibility for the attack against Nordic Choice Hotels, a Scandinavian hotel chain with 200 properties.
Thanks to Macfox (Slashdot reader #50,100) for tipping us off to the news.
Government officials have confirmed the breach — part of a ransomware attack — and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster: The government said the records of at least 38,000 employees, but potentially up to 80,000 workers, have been accessed in a cyber-attack on external payroll software provider Frontier Software. The data includes names, dates of birth, tax file numbers, home addresses, bank account details, remuneration and superannuation contributions... Treasurer Rob Lucas said politicians, including Premier Steven Marshall, could be among those affected.
The treasurer added the breach potentially impacted "The highest of the high to the lowest of the low and all of the rest of us in between." Except for schoolteachers, and the Department of Education, who did not use Frontier's software.
The website publishing the 3.75 gigabytes of data claimed it was just 10% of the total amount, according to the Australian Financial Review, which "understands Russian organised crime group Conti, which claimed credit for launching the cyberattack on Queensland's energy network CS Energy, published the information." Australian Payroll Association chief executive Tracy Angwin said the hack was a wake-up call to employers using remotely accessed payroll systems to ensure they were secure...
Frontier Software said the hacker responsible for the incident was known to employ a "double extortion" strategy, which included encrypting systems and stealing the data.
In another report, Bleeping Computer describes Conti as "a long-lived Ransomware as a Service operation" that "still manages to evade prosecution even after high-profile incidents against vital national resources such as Ireland's Department of Health." The gang is believed to be behind the recent revival of the notorious Emotet botnet, which could lead to a massive new wave of ransomware infections. This week, Conti took responsibility for the attack against Nordic Choice Hotels, a Scandinavian hotel chain with 200 properties.
Thanks to Macfox (Slashdot reader #50,100) for tipping us off to the news.
TMI galore, now we know what's (Score:1)
"down under"
The supplier might as well wind up operations. (Score:5, Interesting)
38K + identity thefts will mean a big lawsuit.
I used to work for a local govt. We used an AS400 for nearly all operations - rates, water, sewage, etc - and in-house payroll, i.e. it was written and maintained by the in-house programmers (and me, to a small extent).
In RPG.
Hack that.
Re: (Score:2)
AS/400 is a fascinating architecture. Good luck with ransomware and virus laden usb drives against a dumb terminal.
Re: The supplier might as well wind up operations. (Score:2)
I am relatively middle-aged in my software development years. Neither the bitter vet who remembers punch cards not the hip web devs of this generation.
I studied at a community college taking all the classes I could and learned on an AS/400 a good bit. My first internship was an insurance company that used one and at the time, fewer students were becoming proficient at it. I actually really enjoyed it and found many of the languages like RPG rather perfectly suited. I feel like this was an age of minimalisti
South Australia is not a country (Score:5, Interesting)
and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster.
Australia is a country. South Australia is a state. Australia has premiers for all their states. Think of South Australia as the Wisconsin of Australia.
Re: (Score:2)
and say the stolen data may even include info on the country's premier, according to an Australian public broadcaster.
Australia is a country. South Australia is a state. Australia has premiers for all their states. Think of South Australia as the Wisconsin of Australia.
I'm not sure what Wisconsin did to deserve that insult.
Americans helped (Score:4, Interesting)
I had alerts for a brute force attack on our (.au) infrastructure strangely from Microsofts Azure in the USA, i filled out their abuse form, every single requirement, even had packet captures, Microsoft said...
"The activity reported is associated with a customer account within the Microsoft Azure service. Microsoft Azure provides a cloud computing platform in which customers can deploy their own software applications. Customers, not Microsoft, control what applications are deployed on their account. "
Ticket Closed
so if you want to attack servers for anything, use Azure, the platform of choice for malware and abuse
Re: Russian Hackers® (Score:3)
When it's to steal money, it's Russia. When it's to steal IP, it's China. When it fails miserably, it's Iran.
Did I leave anyone out?
Re: Russian Hackers® (Score:2, Funny)
When it's to steal money, it's Russia. When it's to steal IP, it's China. When it fails miserably, it's Iran.
Did I leave anyone out?
When they steal money data and IP, but no one notices. It's Uncle Sam.
Re: Russian Hackers® (Score:1)
Re: (Score:2)
When it's to fake being Russia, it's Ukraine.
Admin credentials... (Score:2)
Username: root
Password: 123
Re: (Score:2)
Re: (Score:2)
I use my kids names, but I change their names every 90 days.
Re: (Score:2)
Need more protection. (Score:2)
How can anyone protect the data if government has taken away all the guns? Of course they got hacked.