Friday, July 23, 2021

Transport for NSW confirms data theft in Accellion breach

Must Read

Polish game developer CD Projekt Red suffers a ransomware attack

Polish game developer CD Projekt Red, the maker of games such as Cyberpunk 2077 and The Witcher series, disclosed...

WAPDropper malware abuses Android devices for WAP fraud

New WAPDropper malware signals users up to premium services supplied from telecoms from Thailand and Malaysia. Security researchers have discovered...

Authorities likely to tighten cybersecurity Standards after BigBasket data breach

NEW DELHI: Faced with the latest spate of cyber breaches ranging from this on Prime Minister Narendra Modi's site...

Transport for New South Wales (TfNSW) has confirmed it will be affected by the cyberattack on the Accellion-run file transfer system.

The Accellion system has been widely used to distribute and store files by organizations around the world, including NSW Transport, the government organization said Tuesday afternoon.

“Before the attack on Accellion servers was interrupted, some Transport for NSW information was taken,” it wrote.

TfNSW said Cyber ​​Security NSW has conducted a state government investigation with the help of forensic experts.

“We are working closely with Cyber ​​Security NSW to understand the impact of these breaches, including customer details,” it said.

It said the breach was limited to Accellion servers and no other TfNSW programs were affected, including those related to driver’s license details or Opal data.

“We recognize that data privacy is paramount and deeply regret that customers may be affected by this attack,” TfNSW said.

The Australian Securities and Investments Commission (ASIC) in January said one of its services was broken earlier this month in connection with the Accellion software used by the agency to transfer files and attachments.

Accellion was also used as a vector to break the Reserve Bank of New Zealand (RBNZ) early last month.

Accellion recently announced the end of its FTA product life after the software was hacked into a recent attack that has plagued many companies and government agencies around the world since December 2020.

The NSW government is not new to breaching notices. In April 2020, Service NSW, the country’s only one-nation service delivery store, encountered a cyber attack that reduced the knowledge of 186,000 customers.

After a four-month investigation that began in April, Service NSW said it had found that 738GB of data, with 3.8 million documents, had been stolen from 47 employees’ email accounts.

It was also revealed in September that details on the thousands of NSW driving license holders had been breached due to AWS’s last folder containing more than 100,000 images that had been accidentally left open.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.


Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This