Frontier Systems, a payroll software provider has been issued a breach notice over a ransomware attack where personal details of nearly 80000 South Australian public servants were stolen. The action has been taken after the authorities realized the information was stolen directly from Frontier’s corporate network.
David Reynolds, Chief of Department of Treasury and Finance at a parliamentary hearing on Monday said, “We have issued a breach notice to Frontier for being in breach of our provision with them to provide the payroll services in a secure environment.”
Earlier the government disclosed nearly 38,000 employees’ records were stolen and, in some cases, published on the dark web. Though further investigations confirmed nearly 80000 public servants’ information was leaked.
The leaked information contains names, dates of birth, addresses, and tax file numbers, leading the Australian Taxation Office to temporarily lock people out of their ATO Online accounts.
Investigations also revealed the data stolen in the attack was from a file that had been transferred to Frontier’s networks from the government’s payroll system. The information was hacked by some overseas players from one of Frontier’s corporate servers.
He further added, “It hacked their corporate networks and, as it turned out, they had transferred a file with our staff details onto their corporate network out of our secure payroll system. So that file that had been transferred to their corporate network was the one that was accessed by the hacker in this instance, as we understand it.”
Though there have been no reports from any individual who had their details compromised as a result of the data breach. The government is planning on imposing penalties on Frontier for not meeting contractual requirements.
Reynolds assured, “We certainly have provisions in there where they need to meet any costs associated with the implications of this for us, including third-party costs that arise for us in doing this.”
Further, the possibility of terminating the contract with Frontier cannot be ruled out, though any decision in that direction will be informed by a review.
He finally said, “We need a payroll provider, so there is the question about the contract with Frontier, what we do with it and, if we were to stop using them, how we could transition to another provider.”
Hacking Group Accidentally Infects itself with Remote Access Trojan Horse
Iranian hacking group Suspected of Targeting an Airline with New Backdoor
Google Warns 2 Billion Chrome Users