As many as 80,000 SA government employees may have had their personal details accessed in the ransomware attack against payroll system provider Frontier Software last month.
Treasurer Rob Lucas on Friday revealed that “significant personal information” had been stolen from Frontier’s systems and, in some cases, published on the dark web following the breach.
The government confirmed the extent of the data exfiltration after Frontier began notifying impacted customers earlier this week.
“I have been advised that the records of at least 38,000 employees were accessed and that up to 80,000 employees might have been accessed,” he said.
“The government is currently working with Frontier to try and establish a more accurate estimate.”
Lucas confirmed that only staff from the Department of Education have not been affected by the breach at this time.
Data accessed includes names, dates of birth, tax file numbers, addresses, bank account details and pay details (remuneration, tax withheld, superannuation contributions etc).
The government has sent an email to all public sector employees to advise them of the level of information that was accessed and provide information on how to access support.
It is recommending that staff take immediate steps to reduce their risk of exposure, including by changing passwords and activating two-factor authorisation.
The government has also partnered with national identity and cyber support service IDCARE to work with employees.
“We are deeply disappointed that this breach occurred and are working closely with Frontier Software to investigate how this incident happened,” Lucas said.
“We apologise to all SA government employees affected.”
The SA government has used Frontier Software as its external payroll software provider since 2001.