NSW Treasurer reveals cyber incident

The NSW Government on Monday declared a significant cyber incident after a data breach allegedly involving a NSW Treasury staff member.

The Treasurer Daniel Mookhey announced the incident at a press conference, saying that that the person involved “has been an employee of the NSW Treasury for around three years”.

Internal security monitoring detected a suspected transfer to an external server of a substantial cache of documents containing confidential commercial and financial information. The files cover multiple NSW Government departments and projects. It is alleged the employee accessed and illegally downloaded more than 5600 sensitive government documents.

NSW Treasury reported the matter to NSW Police on Sunday. Police then launched an investigation under Strike Force Civic, leading to criminal charges.

While the police are continuing their investigation, they believe all the alleged stolen data has been located, is now secure, and there was no external compromise to the agency’s system.

The NSW Chief Cyber Security Officer is currently coordinating the government’s whole-of-agency response, as per the state’s cybersecurity plan. There is no current impact to any NSW Government service.

“I thank NSW Police and Cyber Security NSW for their rapid actions since Sunday,” Mookhey said.

Image credit: iStock.com/tsingha25