Information compromised include tax file numbers and bank account details, according to the government
Over 13,000 more public servants in South Australia have been impacted by a cyber-attack first reported late last year, according to Treasurer Stephen Mullighan.
Mullighan said in Parliament that a total of 13,088 more current and former public servants had their personal data stolen in a cyberattack on the state government's payroll provider, Frontier Software.
This brings the overall number of former and current SA employees affected to over 90,000 staff, ABC reported, after the initial 80,000 workers hit last year.
The additional 13,000 were discovered by PricewaterhouseCoopers (PwC) when it carried out a "forensic review," which found that affected employees range from government executives and board members to current and former staff members of the SA Police, the Metropolitan Fire Service, and the Department for Infrastructure and Transport.
Information stolen include the employees' tax file numbers and bank account details. They are now being informed by the government as of this week, according to the treasurer
Mullighan noted that the attack on Frontier Software was perpetrated by "an overseas criminal organisation," which posted the accessed data to the dark web.
However, the data were only accessible on the dark web for less than 24 hours, according to the treasurer.
"There is no information regarding any ransom which may have been paid or how Frontier managed engagement with the overseas cybercriminals in relation to this attack," said Mullighan as quoted by ABC News.
Read more: South Australian businesses want mandatory vaccinations expanded
Following the incident, the treasurer said that Frontier Software has implemented additional security measures within its systems, while the government issued a "formal breach notice" to the payroll firm for its "failure to adequately protect the information it holds for South Australian government employees."
Last year's cyberattack on Frontier prompted the government to advise its employees to take "precautionary action" and assume their personal information has been accessed.
The SA government also coordinated with the tax office to implement additional security measures, including adding safeguards for its employees' bank accounts, alerting the public sector superannuation scheme, and informing the salary sacrifice provider, following the incident.
