Technology Transport for NSW confirms data taken in Accellion breach

10:02  23 february  2021
10:02  23 february  2021 Source:   zdnet.com

Prices for bus and train tickets are increasing

 Prices for bus and train tickets are increasing Many people in Germany will have to dig deeper into their pockets next year to travel by bus and train in local transport. Depending on the region, tariff increases of up to 2.7 percent have been announced, according to an evaluation by the German Press Agency. © Sven Hoppe / dpa Many Germans will have to dig deeper into their pockets next year for bus and train travel in local transport.

" Transport for NSW takes customer data security concerns seriously and will support those who have been the victim of identity theft," TfNSW said. "Where necessary new driver licence/photo cards are reissued on a case-by-case basis." Cyber Security NSW launched its Cyber Security Vulnerability Management Centre in July. Singapore telco says it has pulled back all use of Accellion 's file-sharing system FTA and is investigating the impact of a cybersecurity attack, having ascertained on February

"However, Transport for NSW takes customer data security concerns seriously and will support those who have been the victim of identity theft. Where necessary, new driver licence/photo cards are reissued on a case-by-case basis." Targeting the vulnerable. Working in the health sector, Edward had a heightened anxiety around privacy breaches and regularly changed his passwords. "It's a sort of feeling where you're vulnerable and could be exploited for essentially doing nothing wrong," he said. "I am concerned about my own identity and also confident in my ability to tie up loose ends, but if it was

Transport for New South Wales (TfNSW) has confirmed being impacted by a cyber attack on a file transfer system owned by Accellion.

a passenger train stopped at a station © ZDNet

The Accellion system was widely used to share and store files by organisations around the world, including Transport for NSW, the government entity said on Tuesday afternoon.

"Before the attack on Accellion servers was interrupted, some Transport for NSW information was taken," it wrote.

TfNSW said Cyber Security NSW is managing the state government investigation with the help of forensic specialists.

"We are working closely with Cyber Security NSW to understand the impact of the breach, including to customer data," it said.

Storming of U.S. Capitol Becomes Emblem of Trump Era Disruption

  Storming of U.S. Capitol Becomes Emblem of Trump Era Disruption The violent invasion of the U.S. Capitol Wednesday will reverberate through American politics for years if not decades to come, reshape global perceptions about the strength of U.S. democracy and become an enduring emblem of the Trump era. Images of mobs storming the building, police drawing guns while barricading the door to the House chamber, and protesters sauntering across the Senate floor showed the seat of American self-governance under siege. The final act of a turbulent presidency became a frightening illustration of threats to the nation’s democracy.

More than 180,000 New South Wales residents are believed to have been caught up in a major cyber security breach after a state government department was compromised earlier this year. Key points: Service NSW began investigating the breach in May after staff emails were compromised in April. "Across the last four months, some of the analysis has included manual review of tens of thousands of records to ensure our customer care teams could develop a robust and useful notification process. "We are sorry that customers' information was taken in this way." 'It shouldn't take four months to notify

Cyber Security NSW , which is currently investigating the breach , said it had been trying to make the commercial entity aware "of its responsibilities to report and remediate any breach ". "We do not know how long this commercial entity had this data open for," said Cyber Security NSW chief security officer Tony Chapman. Cyber security lecturer at the University of Sydney Suranga Seneviratne said the NSW Government should be proactive due to the intensely sensitive nature of the documents. " Transport for NSW should notify these people, we cannot wait until we find the source," he said.

It said the breach was limited to Accellion servers and no other TfNSW systems have been affected, including those related to driver's licence information or Opal data.

"We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack," TfNSW said.

The Australian Securities and Investments Commission (ASIC) in January said one of its servers was breached earlier in the month in relation to Accellion software used by the agency to transfer files and attachments.

Accellion was also used as the vector to breach the Reserve Bank of New Zealand (RBNZ) earlier last month.

Accellion recently announced the end-of-life for its FTA product after the software has been abused in recent attacks to breach many companies and government agencies across the world since December 2020.

Federal judiciary likely compromised as part of SolarWinds hack

  Federal judiciary likely compromised as part of SolarWinds hack The U.S. federal judiciary reported this week that it had suffered an "apparent compromise" as part of the recently discovered Russian hack of IT company SolarWinds. In a statement published to the U.S. Courts' website on Wednesday afternoon, the judiciary noted that its Case Management/Electronic Case Files (CM/ECF) system had suffered "an apparent compromise" that threatened confidentiality due to vulnerabilities linked to the hack of SolarWinds.

The Accellion enterprise content firewall prevents data breaches and compliance violations from 3rd party communications, empowering professionals from every walk of life to do their jobs efficiently — without putting their organizations at risk. With Accellion , CIOs and CISOs gain complete visibility, compliance and control over IP, PII, PHI, and other sensitive content across all 3rd party communication channels, including email, file sharing, mobile, enterprise apps, web portals, SFTP, and MFT.

According to Rees, the data is made up of documents including handwritten notes and forms, scans, and records of transaction applications. “Our focus is now on providing the best support for approximately 186,000 customers and staff we’ve identified with personal information in the breach ,” he Service NSW said it will notify those affected by mail, with notifications expected to be completed in December. The agency said it has employed further security measures to protect against this kind of attack. “Service NSW is among the agencies to benefit from a NSW Government investment of 0

The NSW government is not new to breach notifications. In April 2020, Service NSW, the state government's one-stop shop for service delivery, experienced a cyber attack that compromised the information of 186,000 customers. Following a four-month investigation that began in April, Service NSW said it identified that 738GB of data, which comprised of 3.8 million documents, was stolen from 47 staff email accounts.

It was also revealed in September that information on thousands of NSW driver's licence-holders was breached as a result of an AWS cloud storage folder that had over 100,000 images being mistakenly left open.


  • NSW taskforce wants Australia-wide cyber standards harmony
  • Over 30 million 'COVID safe' check-ins through the Service NSW app
  • NSW running Data61 de-identification tool across COVID data prior to public release
  • NSW government sets up cyber and privacy resilience group to keep customer data safe
  • Service NSW app back after two hour outage

Your email and password were probably posted online in the mother of all data leaks .
Hackers recently posted more than 3 billion user credentials online as part of a massive data breach compilation of emails and passwords. Read on for a way to check and see if your email and password combination was part of this published trove. If they were, there are also some easy steps you can take to protect yourself. We're barely over a month into 2021, and already hackers have been hard at work this year racking up one massive data breach and systems intrusion after another. National headlines were generated in recent days, for example, upon word that a hacker used Teamviewer to try to poison the water supply of a Florida town.

usr: 13
This is interesting!