iTnews

Dominello says Service NSW data breach victims getting 'hypercare'

By Justin Hendry on Sep 9, 2020 6:41AM
Dominello says Service NSW data breach victims getting 'hypercare'

Minister breaks silence.

NSW Customer Services minister Victor Dominello says the victims of Service NSW’s email compromise are receiving “hypercare”, despite the 186,000 affected customers still waiting to learn of the breach.

Breaking his silence since the extent of the data breach was revealed, Dominello took to LinkedIn late on Tuesday to talk up the measures taken by the one-stop-shop for government services.

It comes as NSW Labor ramp up their attack on the government by advancing the idea that the breach could expose taxpayers to billions of dollars in compensation claims under the state’s Privacy and Personal Information Protection (PPIA) Act.

Service NSW on Monday revealed a staggering 3.8 million documents, amounting to 736GB of data, were stolen by unknown attackers - thought to be one of the largest data breaches ever to hit a NSW government agency.

The breach, which saw the personal information of 186,000 customers held in the email accounts of 42 Service NSW staff members compromised, occurred back in April, though the agency is only now starting to notify affected individuals via registered post.

Despite this, Dominello has backed Service NSW’s response to date, particularly in the immediate aftermath of the breach.

“Within 24 hours, I directed my agency to: immediately notify the public, refer the matter to the Auditor-General and retain external experts in privacy, identity and security to ensure that best practice was adopted to support those impacted,” he said on LinkedIn.

Dominello said that “the agency quickly established a hypercare team to look after those affected” and had also established a “permanent identity recovery unit to focus on supporting the victims of attacks like these” in response to rising identity theft.

“When crime occurs we focus on catching the criminals. However, it is just as important to support the victims,” he said.

“Identity theft is not a victimless crime."

Dominello also added that shifting to “true end-to-end digital services” would make it “more difficult for criminals” to replicate the attack in the future, as much of the stolen data was scanned attachments such as paper application forms and copies of driver's licences.

Labor’s public services spokesperson Sophie Cotsis and Labor leader Jodi McKay are continuing to call for Dominello to publicly explain and apologise for the breach.

“If it’s good enough for Mark Zuckerberg and the CEOs of Zoom, Yahoo, Marriott International and British Airways to apologise for data breaches, then Victor Dominello must do the same,” Cotsis said in a statement on Tuesday.

“The Government must strengthen our State’s defences against cyber-attacks and guarantee records at Service NSW are safe and protected.”

Cotsis claimed the data breach could also see the government liable to pay as much as $40,000 to each of the 186,000 people who suffer loss or damage as a result of the privacy breach under the PPIP Act.

“The NSW Auditor-General identified serious cybersecurity weaknesses in state government agencies last year, yet this government failed to act,” she added.

“Now taxpayers could be forced to foot the bill for this Minister’s mismanagement of Service NSW, a hugely important agency that 8 million people depend on.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
breachcybercyber securitydatagovernmentitsecurityservice nsw

Partner Content

Top 5 Benefits of Managed IT Services
Promoted Content Top 5 Benefits of Managed IT Services
5 essential digital transformation ideas
Promoted Content 5 essential digital transformation ideas
Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone
Don't miss Australia’s premiere IoT Conference on 9th June
Promoted Content Don't miss Australia’s premiere IoT Conference on 9th June

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • 11th Annual Fraud Prevention Summit 2022
  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Justin Hendry
Sep 9 2020
6:41AM
0 Comments

Related Articles

  • TfNSW finds more customers, employees impacted by Accellion breach
  • NSW Education had unknown vulnerability in breached system
  • Volvo Cars investigating theft of R&D data
  • Australia's Copyright Agency investigates cyber incident
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co to cut 160 applications under $200m IT simplification

NBN Co to cut 160 applications under $200m IT simplification

Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS

Digital Nation

CTO Juergen Mueller offers a glimpse into SAP's metaverse play
CTO Juergen Mueller offers a glimpse into SAP's metaverse play
COVER STORY: A Year in the Metaverse
COVER STORY: A Year in the Metaverse
COVER STORY: Data and IoT set digital agriculture on a sustainable future
COVER STORY: Data and IoT set digital agriculture on a sustainable future
Why do DeFi and DAOs matter to business?
Why do DeFi and DAOs matter to business?
Lendlease launches its own metaverse in Milan
Lendlease launches its own metaverse in Milan
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.