'Heads should roll': NSW Labor slams extent of Service NSW hack

NSW Labor leader Jodi McKay says “heads should roll” after Service NSW finally revealed the damage from an email account compromise that occurred more than four months ago.

iTnews was first to report details of Service NSW’s attack post-mortem on Monday, which revealed 3.8 million documents, amounting to 736GB of data, were stolen by unknown attackers.

The documents were found to contain the personal information of 186,000 people, who are now being notified via registered post.

The attack occurred back on April 22 and saw the email accounts of 42 Service NSW staff members compromised.

After the extent of the breach was published, Labor's public services spokesperson Sophie Cotsis immediately called on the state’s customer services minister Victor Dominello to publicly explain and account for why the government has “failed to secure and protect sensitive information from cyber criminals”.

But in a later statement published to Twitter, NSW Labor leader Jodi McKay called for tougher action against unspecified individuals.

“This is a cyber security meltdown from the Berejiklian government: 186,000 people’s information breached, 3.8 million documents stolen in a massive attack on Service NSW months ago - and they still haven’t notified them,” McKay wrote, adding, “Heads should roll.”

Last month, it was revealed that a state parliamentary inquiry will scrutinise the NSW government’s handling of cyber security incidents, as well as its measures to protect digital infrastructure more generally, following a spate of cyber attacks.

The probe was announced just weeks after Labor’s Cotsis called for such an inquiry.