By Staff Writer
A cyberattack on payroll provider Frontier Software has seen up to 80,000 South Australian public servants having their personal information stolen. The ransomware attack is the second significant cyberattack on Frontier Software since November.
On Friday, the South Australian Government confirmed its external payroll provider had experienced a ransomware attack resulting in hackers accessing significant amounts of personal data.
South Australian Treasurer Rob Lucas says the personal information of at least 38,000 public servants was compromised. However, he warned that number could run up to 80,000.
Mr Lucas says Frontier advised the Government on Wednesday of the incident. On Thursday, the Government was told hackers had accessed employee data and published some of that information on the dark web.
“The Government’s priority is the safety and security of every employee affected by this incident, and we are doing all we can to provide assistance to impacted employees,” the Treasurer said.
The South Australian Government confirmed identifying information such as full name, date of birth, tax file number, home address, bank account details, employment start date and salary level was accessed.
Frontier Software provides payroll support services to all South Australia government departments except the Department of Education.
“We can confirm that no Department for Education employees are affected,” Mr Lucas said. “We are deeply disappointed that this breach occurred and are working closely with Frontier Software to investigate how this incident happened.”
Frontier Software’s payroll support software services more than 1700 organisations across the public, private and third sectors in 26 countries. Frontier says its flagship software, called ichris, (International Comprehensive Human Resource Integrated Software), sets the “benchmark for human capital management software.”
Chief Executive Officer Nick Southcombe says only one customer, the South Australian Government, was impacted by last week’s cyberattack.
“We are continuing to review and catalogue the data that we believe was stolen from our internal corporate environment, with a primary focus on identifying any customer data that may have been stolen,” Mr Southcombe said in a statement.
“At this point, we have only identified one customer that has been affected, being the government of South Australia, and we are communicating directly with them and providing as much assistance as we can.”
In November, Frontier Software experienced another cyber incident resulting in limited access to some computer systems and some data been stolen.
Among the clients impacted was high profile Tasmanian hospitality and gaming business The Federal Group. They were forced to make advance payments to their employees after the cyberattack delayed normal payroll processing.
Late last week, Treasurer Lucas advised South Australia’s public servants to monitor bank accounts and credit files for suspicious activity. He says all financial institutions, as well as Australian Government cyber and law enforcement agencies, were advised of the incident.
Mr Lucas adds the South Australian Government has partnered with cybersecurity support service, IDCARE, to work with employees to develop a specific response plan and provide personal support throughout the process.
“We apologise to all South Australian Government employees affected,” the Treasurer said.