On April 21, the state government said that a NSW Treasury staff member was involved in a cyber incident impacting the state agency, which was discovered when a suspected data transfer to an outside party was detected.
“Internal security monitoring detected a suspected transfer to an external server of a substantial cache of documents containing confidential commercial and financial information. The files cover multiple NSW government departments and projects,” the statement said.
The state government declared the data breach incident as ‘significant’, with news suggesting that over 5,600 sensitive documents from multiple departments were allegedly accessed by the staffer.
Following an investigation, a 45-year-old NSW Treasury official was arrested after police executed a search warrant at a Homebush West home, where electronic devices were seized, according to a statement by NSW Police.
Now, the impact of the incident has been lowered after findings from an incident response investigation revealed that “no project has been adversely affected.”
According to a statement by NSW Chief Cyber Security Officer Marie Patane, the incident has now been “contained,” and is in the recovery phase. She also added that appropriate remediation measures had been implemented by relevant agencies.
“While legal reviews are continuing, efforts to date to determine any potential impacts on active or past government procurements show that no project has been adversely affected,” the statement reads.
“I thank again Cyber Security NSW, the Taskforce, NSW Treasury and the NSW Police for their rapid actions since the breach was discovered, including launching Strike Force Civic.
“The matter remains before the courts and is subject to an internal investigation.”
Regarding the individual allegedly responsible for the incident, they were charged with accessing or modifying restricted data. They were granted conditional bail and are to face Downing Centre Local Court on 3 June.
“While the police are continuing their investigation, they believe all the alleged stolen data has been located, is now secure, and there was no external compromise to the agency’s system,” a NSW Police statement from last month reads.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
