Transportation for New South Wales (TfNSW) has confirmed being impacted by a cyber assault on a file transfer method owned by Accellion.
The Accellion method was commonly utilised to share and shop files by organisations all around the earth, together with Transport for NSW, the government entity explained on Tuesday afternoon.
“Ahead of the attack on Accellion servers was interrupted, some Transportation for NSW details was taken,” it wrote.
TfNSW said Cyber Stability NSW is running the point out govt investigation with the support of forensic specialists.
“We are operating intently with Cyber Protection NSW to fully grasp the effect of the breach, together with to customer info,” it mentioned.
It said the breach was confined to Accellion servers and no other TfNSW programs have been impacted, like people associated to driver’s licence information or Opal knowledge.
“We recognise that details privacy is paramount and deeply regret that customers may well be affected by this assault,” TfNSW said.
The Australian Securities and Investments Fee (ASIC) in January stated just one of its servers was breached earlier in the month in relation to Accellion software program utilised by the agency to transfer files and attachments.
Accellion was also used as the vector to breach the Reserve Bank of New Zealand (RBNZ) previously very last thirty day period.
Accellion lately introduced the end-of-lifetime for its FTA product or service following the computer software has been abused in modern attacks to breach several firms and government companies across the earth given that December 2020.
The NSW govt is not new to breach notifications. In April 2020, Service NSW, the condition government’s one-stop store for company shipping, experienced a cyber attack that compromised the details of 186,000 clients. Pursuing a 4-month investigation that began in April, Service NSW reported it identified that 738GB of data, which comprised of 3.8 million documents, was stolen from 47 team email accounts.
It was also revealed in September that info on 1000’s of NSW driver’s licence-holders was breached as a end result of an AWS cloud storage folder that had in excess of 100,000 visuals getting mistakenly remaining open up.