Personal data fear in breach
THE most sensitive personal information of hundreds of Tasmanian job applicants may have been compromised by a data breach.
Bank details, driver’s licence information, phone and tax file numbers as well as address and next of kin details may have been accessed through the breach of data held by provider PageUp — a human resources company used by the State Government and the University of Tasmania, as well as Telstra and Coles.
PERSONAL information of some Tasmanian job applicants may have been compromised because of a data breach that affected a human resources company used by the State Government and the University of Tasmania.
Bank details, driver’s licence information, phone and tax file numbers, addresses and next of kin details may have been revealed in the breach of data held by third-party provider PageUp.
The breach has also affected major private sector employers including Telstra and Coles.
The State Government yesterday shut down its central recruiting website in response.
PageUp said it was investigating the breach.
“On May 23, 2018, PageUp detected unusual activity on its IT infrastructure and immediately launched a forensic investigation,” chief executive Karen Cariss said.
“On May 28, 2018, our investigations revealed that we have some indicators that cli- ent data may have been compromised, a forensic investigation with assistance from an independent third party is currently ongoing.
“We take cyber security very seriously and have been working together with international law enforcement, government authorities and independent security experts to fully investigate the matter.”
Secretary of the Department of Premier and Cabinet Jenny Gale said applicants for State Government jobs may have been affected.
“As a precautionary measure, the Government has suspended all connections between our systems and PageUp’s systems. This suspension will be in place until we are satisfied that PageUp is secure and there are no further risks.
“This means that the jobs website, jobs.tas.gov.au, is no longer being used to advertise or accept job applications. The website will be used to provide updates about the security incident and government recruitment processes.
“We have no evidence that anyone’s personal information has been compromised. However, we recommend that anyone who has applied via the website for a position with the Tasmanian State Service be vigilant about unusual activity concerning their personal information.”
The University of Tasmania said it would contact those who applied for jobs between January and June directly.
“We have taken immediate steps to remove vacancies from the PageUp system,” the university said in a statement.
“The company has not been able to confirm to the university whether any data related to our community has been compromised, however, we are asking people to assume it has been.”
TasICT chief executive Phil Pyke said organisations, companies and people should always be on the lookout for cyber attacks.
“Any major data breach is of concern, particularly when it provides access to such a high level of personal details,” he said.