Attackers have infiltrated websites operated by Queensland's TAFE and Education departments and stolen data, state government CIO Andrew Mills revealed today.
Initial investigations indicated the compromised data involved information lodged by citizens through the enquiries and website feedback forms, Mills said.
“For security reasons, the government will not be providing specific details of the information illegally accessed,” he said.
“We are confident that no financial data such as credit card information or bank details have been accessed."
Skills Minister Yvette D'Ath told state parliament the stolen information was no more sensitive than that found "on other public websites like the White Pages".
She said it was "held in a format that is not very usable if someone was to access that data".
The state government has assessed the severity of the threat as “credible but low-level”.
It was alerted to the breach by an anonymous threat via email, however it declined to detail what demands were made.
The office of the GCIO is leading efforts to close the security hole that allowed the attackers entry and “further strengthen its security protocols”. Queensland Police, the Australian Federal Police and the Australian Cyber Security Centre have all been notified of the incident.
Qld Police confirmed it was working with other law enforcement and government agencies on the breach.
It indicated other government agencies across the country had suffered similar attacks.
“This illegal activity follows a number of recent similar cyber attacks in other organisations in both government and private sectors across the country and reminds us all of the challenges associated with cyber security," Mills said.
“We remain committed to the highest online security protocols required to safeguard our information and Queenslanders can be assured that we are committed to fully investigating this illegal act."
Queensland Education Minister Kate Jones told parliament the government was "taking this incident very seriously".