Service NSW has put the cost of an email account compromise that exposed a staggering 736GB of data to unknown attackers, including the personal information of 186,000 customers, at $7 million.
The dollar-figure for the breach – which took place in April, but which customers were only notified of in September – was revealed in budget documents released on Tuesday.
It is the first time the government has acknowledged the cost of the compromise that was limited to the email accounts of 47 staff members.
Approximately 3.8 million documents, including handwritten notes, forms, scans and records of transaction applications, were snatched in the heist.
“In April 2020, Service NSW alerted police and authorities to a cyber attack that has potentially compromised customer information,” budget documents state.
“Investigations into this matter are still ongoing however, Service NSW is expected to incur legal and investigation costs of approximately $7 million.”
The breach has also forced the government to cough up $5 million to upgrade the cyber defences of the one-stop-shop for NSW government services under a “cyber security upgrade program”.
The program will “ensure that measures used to protect government systems – and the information processed, stored or communicated on these systems – is protected”.
Funding for the program, to be provided over two years, appears separate to the $240 million set aside for cyber security over the next three years in the $1.6 billion digital restart fund.
Service NSW will also receive $3.8 million for a “digital renewal notice program” that will give customers the option to receive vehicle registration renewal notices and reminders via email or text.
“This will save customers time and money and allow customers immediate access to their documentation,” budget documents state.
Customer Service Minister Victor Dominello has also outlined a “rapid expansion of the Service NSW app” to provide more customised services.
While there is no specific mention of this in budget documents, Service NSW will receive $50 million this year to "increase the number of services offered through its one-stop-shop".
