Data files are believed to be amongst the records stolen during the data breach.
The Government of South Australia was recently informed by its external payroll software provider, Frontier Software, that it was the victim of a ransomware cyber-attack directed at Frontier Software.
The state government confirmed that significant personal information of Government of South Australia employees had been stolen from Frontier’s systems.
This came after Frontier on the previous evening confirmed for the first time that some state government data had been stolen from their network and published on the dark web.
Data files since provided by Frontier Software, which are believed to be amongst the records stolen during the data breach, have been analysed and it has been confirmed that personal information belonging to nearly 80,000 public sector employees has been exposed.
All public sector employees, except for Department for Education staff, should assume that your personal information has been accessed during the cyber-attack on Frontier Software’s systems.
What personal information was accessed?
The data accessed relates to employees of the Government of South Australia only and contains the following identifying information:
- First name
- Last name
- Date of birth
- Department
- Tax file number
- Home address
- Bank account details
- Remuneration
- Tax withheld
- Payment type (where applicable)
- Lump sum payment type and amount – eg the total amount paid for the period, if applicable
- Superannuation contribution
- Reportable fringe benefits tax amount (where applicable).
According to the South Australian Government no passwords, licence numbers, registration details or vaccination statuses were exposed in the Frontier Software data breach.
All public sector employees, including former employees who separated from the public sector between 1 July 2020 and 4 November 2021 (except for Department for Education staff), should assume that your personal information has been accessed during Frontier Software’s ransomware cyber-attack.
The state government has taken immediate steps to inform public sector employees and people on the state government’s payroll of Frontier Software’s ransomware cyber-attack and address all potential areas of exposure, including:
- Working with the Australian Taxation Office (ATO) to add additional security measures to all affected tax file numbers. These measures aim to detect fraudulent activity.
- Notifying banks and financial institutions to add additional safeguards for employees’ payroll bank accounts. There is nothing further you need to do with your bank, however if you have any concerns, please contact your bank directly.
- Alerting Super SA, the public sector employee superannuation scheme, which has put additional security checks in place for all employee accounts.
- Notifying Maxxia, the South Australian Government’s salary sacrifice provider, which has increased its security measures for employees.
- Working with Services Australia to implement additional security measures for employees.
- Payroll Services implementing additional controls for validating changes made or requested to employees’ personal details – eg bank account, address, email, phone numbers and deductions.
The SA Privacy Committee, Office of the Australian Information Commissioner, South Australia Police, the Australian Cyber Security Centre, and the Australian Federal Police have also been notified.
The Government of South Australia has partnered with cybersecurity support service, IDCARE, who can offer employees additional advice for specific concerns relating to your personal information – at no cost to employees.
Frontier Software has been providing payroll services to the Government of South Australia since 2001.