NSW Treasurer reveals cyber incident


Wednesday, 22 April, 2026

NSW Treasurer reveals cyber incident

The NSW Government on Monday declared a significant cyber incident after a data breach allegedly involving a NSW Treasury staff member.

The Treasurer Daniel Mookhey announced the incident at a press conference, saying that that the person involved “has been an employee of the NSW Treasury for around three years”.

Internal security monitoring detected a suspected transfer to an external server of a substantial cache of documents containing confidential commercial and financial information. The files cover multiple NSW Government departments and projects. It is alleged the employee accessed and illegally downloaded more than 5600 sensitive government documents.

NSW Treasury reported the matter to NSW Police on Sunday. Police then launched an investigation under Strike Force Civic, leading to criminal charges.

While the police are continuing their investigation, they believe all the alleged stolen data has been located, is now secure, and there was no external compromise to the agency’s system.

The NSW Chief Cyber Security Officer is currently coordinating the government’s whole-of-agency response, as per the state’s cybersecurity plan. There is no current impact to any NSW Government service.

“I thank NSW Police and Cyber Security NSW for their rapid actions since Sunday,” Mookhey said.

Image credit: iStock.com/tsingha25

Related News

ASD recommends improving router hygiene to counter Russian threat

Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly...

ACSC releases cybersecurity video training for privileged users

A series of training videos offers a practical, engaging way for privileged information and...

ACSC critical alert for Fortinet Firewalls and VPN Gateways

The Australian Cyber Security Centre has raised an alert that it is aware a widespread malicious...


  • All content Copyright © 2026 Westwick-Farrow Pty Ltd