After a four-month investigation into a data breach affecting Service NSW, investigators have concluded that the personal information of 186,000 customers was compromised as a result of a previous cyberattack. The cyberattack consisted of threat actors gaining access to 47 staff email accounts. The investigation, which began in April, also found that 3.8 million documents totaling 738GB of data were stolen.
Although the stolen documents contained a wealth of personal information on Service NSW’s customers, the company confirmed that the MyServiceNSW account data and Service NSW databases were not compromised during the attack. The documents consisted of transaction applications, handwritten notes, forms, scans, and other sensitive company and customer details.
Read More: Service NSW reveals 738GB of customer data was stolen during email breach