Public servants left the door open to your private data – Class Action Anyone?
NSW Shadow Minister for Better Public Services Sophie Cotsis is demanding the Government explain how cyber criminals were able to steal 3.8 million documents from Service NSW.
It comes after Ms Cotsis, who has been holding the Government to account over the breach, discovered she is among the 186,000 people whose information was stolen.
NSW Labor will use an upcoming Parliamentary Inquiry into cyber security this month to explore the extent of the problem and the lack of assistance available to those impacted.
“I have been calling for months for the NSW Government to harden its digital systems against cyber attacks,” Ms Cotsis said.
“I was upset and shocked to find I was one of the victims of this cyber crime, however I am even more upset for the other 186,000 innocent people whose data was stolen.
“While the Government claims to be helping victims of this attack, my conversations with people’s experience was that their support services are difficult to navigate”.
The Government have said this attack occurred because Service NSW did not use multi-factor authentication for staff log-ins, which means the NSW Government has not been following guidance from the Australian Cyber Security Centre.
A report published by the Auditor-General last year indicates at least 26 NSW Government agencies may be vulnerable to this type of attack.
“The Government is responsible for safeguarding sensitive information including people’s health records, legal information and finances,” Ms Cotsis said.
“This data breach was foreseeable and preventable, but so far no one has been held accountable for failing to keep our people’s private information secure.
The first hearing into cyber security will begin on 29 October.