As a result of a data breach involving at least 16,000 documents, the names, addresses, and bank account information of parents and students from Tasmania have been made public online.
As part of a cyberattack on a third-party transfer program used by the Tasmanian Department of Education, Children, and Young People, hackers exposed the records.
The records, which included bills, bank statements, and the names and addresses of people associated with the department, had been obtained by the ransomware organization Cl0p, according to science and technology minister Madeleine Ogilvie.
She acknowledged that as investigations go on, there might be more records that are impacted.
She said that Tasmanian schools had been informed of the data breach and that a hotline had been established for people to call if they were concerned that their personal information had been accessed: 1800 567 567.
Ms. Ogilvie stated, “My concern is for specific students and parents; we need to triage that and we’ll be working through it.
“If you see any strange behavior, such as on your bank statements, please report it to the police, the Australian Cybersecurity Centre, or simply call us at the number provided.
“That’s terrible. It is unlawful. And the issue we’re facing is a global one.
“I have the utmost sympathy and empathy for those who have unintentionally been caught up in these document leaks, and I’m very, very concerned about them.
The state government announced on March 31 that its data had been accessed as a result of the breach, which affected the third-party file transfer provider GoAnywhere MFT.
After a patch was applied to address vulnerabilities, Ms. Ogilvie said that the government was still using the program as part of “best practice.”
“The specific occurrence lasted for four days. That issue was fixed after a patch was applied, the speaker stated.
“The information that was transferred during that window is what we’re dealing with right now.”
Rio Tinto and Crown Resorts are reportedly other victims.
Jen Butler of Labor said it was time for the premier to “manage this crisis.”
The possibility that every primary school in Tasmania, as well as every organization and person who has dealt with the Department of Education, may be compromised, she added, “could put some people in a very dangerous situation.”
“We are aware that other organizations, like Rio [Tinto], that the same Russian hackers also hacked, have been contacted for ransom. Once they get that information, these very intelligent criminal organizations will use that as part of their procedure.
Rebecca White, the head of Labor, said she had asked the government for a briefing since it was a “serious situation” and parents were “rightly concerned.”
Given the huge amounts of personal data currently present in society, cyber security experts advised being vigilant in order to be protected.
As a security expert and former director of Impression Research and Cyber Security, Nikolai Hampton said, “There is nothing you can do other than [be vigilant] and understand that these scams are out there.”
The several methods the community was forced to confirm identity, according to him, posed the most problem.
“You have data that becomes a part of your identification record, such as payment information, your home address, your birthdate, and your driver’s license number.
“So once it’s out, you can’t go easily change your birth date… It gets harder and harder as time goes on.
“That kind of privacy, in some ways, the horse has already bolted.”
What possible reasons could there be for such breaches, and what purpose does data like email addresses and phone numbers serve?
Joel Scanlan, a senior lecturer and cyber security expert at the University of Tasmania, said that while hackers’ motivations could vary, they were increasingly driven by money, whether on a large scale or through identity theft.
Fundamentally, it’s an evil deed, according to Dr. Scanlan.
“In recent years, there have been a lot more data breaches that we’re seeing… [are] around breaches of privacy, breaches of confidentiality, trying to get a lot more information about people that they can then use to make money… ” whether it involves identity theft or obtaining banking information to empty and drain those accounts.
According to Mr. Hampton, an increase in security breaches may enable con artists to combine information gleaned from other incidents.
When they conduct social engineering-style attacks, he explained, “it becomes a problem that is compounded because the more they learn about you, the more influence they can have over you.”
Their actions and statements might all become more credible.
The other issue, according to him, was that frequently the effects of the breach were not noticed until much later, especially if your data had been sold or given to fraudsters or other organizations.
However, Mr. Hampton thought that rather than focusing on specific people, breaches usually favored quantity over quality.
For instance, it makes no difference if not everyone falls for a fraud like being contacted by an official-looking account asking for money if a collection of emails has been obtained.
“They’re going to succeed,” Mr. Hampton said, “if 99 percent of people don’t fall for [a scam] but hundreds of thousands of people are breached.”
Another major driver is ransoms.
Their goal is to threaten that the data will be released and cause harm to your organization if you don’t pay me or our ransomware gang $50,000.
They’re not explicitly searching for your personal email address or bank account. They are searching for any information that might be useful to an attacker or scammer in the future.
Someone’s money is being demanded by [the group].
For those worried that a breach may have exposed their personal information, Dr. Scanlan said there are steps they may do to reduce the risk.
Dr. Scanlan stated, “The fundamental way to protect ourselves is to be mindful of what data we have out there and to try to minimise what’s out there.”
Other alternatives included making sure passwords aren’t used repeatedly across many accounts and changing passwords for email accounts if it’s possible that the information has been compromised.
“Keep an eye out for any odd behaviour. Have any new accounts been opened recently that you didn’t create yourself?
“If it relates to money, you should maintain a very tight eye on your financial statements.
Is anything currently in use? Has my credit card information been used to make purchases?
The Australian Cyber Security Centre is handling the investigation into the Tasmanian government data breach, and the government is warning its citizens to be on the lookout for any unusual activities or attempted frauds.
