Was it an insider, a nation state or criminal actor?
The details of 30,000 government employees have been stolen in the first reported cyber attack this year, prompting experts to warn businesses to be vigilant and up-to-date with cyber security.
An unknown hacker downloaded information about Victorian public servants including their work emails, job titles and phone numbers.
The Victorian Government has referred the breach to police and the Australian Cyber Security Centre, while staff have been told to stay alert for any increased phishing, spam and social engineering using their email addresses and phone numbers.
Experts said the stolen data could also be used for a variety of criminal activities such as influencing governments or launching another bigger, targeted attack.
Nova Entertainment hit by cyber data breach
Reports of the data breach come after another incident reported by Australian radio station operator Nova Entertainment.
The radio station reported that listener data had been stolen and publicly disclosed.
Stratium Global adviser Don Codling warns attackers are continuing to exploit vulnerable information systems – through social engineering (phished email), exploiting unpatched systems, by undetected insider threat actors or by a dedicated attack plan launched by Nation states or criminal actors.
Mr Codling, a former FBI agent specialising in cyber security said “it is a never-ending business risk calculation for senior management, system administrators and employees.
“Understanding the cyber threat intelligence environment is always among the first steps to defending any enterprise,” he said.
Mr Codling said the breach serves as a reminder “that practicing basic cyber hygiene, segmenting and encrypting data bases, having data loss prevention tools in place and conducting regular cyber security audits, for example where is your data? Do you have critical data backed up properly? Do you encrypt your sensitive data? are essential and necessary to function in this interconnected world.”
“Welcome to 2019 and the digital battleground.”
For assistance with cyber security call Stratium Global +61 2 9505 9410 or or email firstname.lastname@example.org