Service NSW falls victim to phishing attack

Service NSW falls victim to phishing attack

Investigations under way

Forensic specialists have been brought in after a staff member at Service NSW fell victim to an email phishing scam. 

Earlier news reports said that the incident has impacted customers who have physically visited a Service NSW branch or contacted the service via phone. 

Service NSW launched a comprehensive investigation in response to the discovery of a possible breach on April 22, the government agency said in a statement. 

In response, Service NSW alerted police and authorities of the cyber attack that has accessed customer information held in emails.

This investigation subsequently identified the email accounts of 47 Service NSW staff members were illegally accessed.

Specialists have been engaged to perform a deep analysis of the email accounts to identify any personal information that may have been accessed through this attack.

“Initial assessments were not clear on the reach of the attack,” Service NSW said in a statement. 

Service NSW CEO Damon Rees said it was a very complex issue and the analysis and investigation are both ongoing, and it was working as quickly as possible to confirm the scope of this attack on the personal information of its customers.

He said its internal cyber security teams stopped the attack and worked to limit the impact on customers and services.

“We are now confident the criminal access was limited to the content of those email accounts, which are related to transactions over the phone or over-the-counter at a Service NSW Centre,” he said. “Cyber security is incredibly important and we’re very sorry that we haven’t been able to successfully protect our customers against this complex attack.

 “We are going to do everything we possibly can to help customers who have been affected by this. We’ve established a dedicated team to offer help to affected customers.

“Service NSW will contact customers who we determine have been affected by this criminal attack.

The stolen data was stored in email records and customers should be reassured that individual MyServiceNSW Accounts have not been compromised, the government agency said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Service NSW

Show Comments