Following the extensive Optus breach, security firm G4S is the most recent business in Australia to be attacked by hackers.
Current and former Australian workers of the company have been informed that a ransomware assault resulted in the theft and online posting of their tax file numbers, bank account information, and medical check information.
The vulnerability is thought to be connected to a hacking assault on Victoria’s Port Phillip jail in early July.
However, the company didn’t become aware of the data’s online publication until mid-September and didn’t alert personnel until Tuesday.
Despite the fact that the assault took place inside Port Phillip Prison, the hackers had access to the company’s entire Australian network.
The number of employees that were impacted by the incident is unclear.
Employee names, residences, dates of birth, contact information, police and medical check results, tax file numbers, bank account information, superannuation information, Medicare numbers, and license information were among the information gathered.
Paystubs, health data supplied with the employer, and information on Workcover claims or incident reports were sometimes also taken.
The business informed staff that the data was difficult to access, that steps had been made to stop the third party from accessing G4S systems in the future, and that it was collaborating with the Australian Cyber Security Centre (ACSC).
Daily Mail Australia has contacted G4S for comment.
It had already informed the Guardian that it will keep “working with affected people to provide them full assistance.”
G4S gave impacted individuals advice on how to get new identification papers, but it did not offer to cover the cost of the new ones or to give credit monitoring.
An employment firm has also experienced a data leak comparable to the Optus attack.
The attack allowed access to private papers including Covid-19 immunization records and photographs of passport pages.
Due to individuals uploading their licenses as their profile photos, images of hundreds of thousands of the company’s customers’ identification papers, including driver’s licenses, were also made publicly accessible via Google image search results.
The employment agency’s identity hasn’t been made public.
It follows the significant Optus data breach, which the troubled telecom firm revealed new information about on Monday.
The identity information of 2.1 million current and past customers was compromised, according to Optus.
A minimum of 1.2 million customers’ personal information, including 150,000 from passports and 50,000 from Medicare cards, have had at least one number from a current, valid form of identity exposed.
In a brand-new video message, Optus CEO Kelly Bayer Rosmarin said that those 1.2 million consumers should take action and have already been informed.
As updates from licensing authorities become available, the other 900,000 people whose expired IDs had personal information exposed in addition to them may also need to take action.
7.7 million clients have not had their personal information stolen and do not need to take any action, but they are reminded to be cautious.
On Tuesday, it was also made public that Telstra had had a significant data breach, during which hackers had access to the private data of 30,000 present and past employees.
On the same site where the Optus breach information was shared last week, the staff members’ identities and email addresses were also made public.
First names, last names, and work email addresses of 30,000 Telstra workers from before 2017 were disclosed in the data.
Additionally, it included data on the 12,800 people who are still working for the company.
On Saturday, Alex Badenoch, group executive for transformation, communications, and people at Telstra, sent an email to the workers.
The employee rewards program Worklife NAB from Telstra was previously given through a third-party organization, according to the spokesperson.