State government employee data was exfiltrated as part of a ransomware attack on payroll provider Frontier Software, according to South Australia Treasurer Rob Lucas.
According to Lucas, the corporation has told the government that some of the data has been published online, potentially exposing the data of at least 38,000 employees and up to 80,000 government personnel.
Names, dates of birth, social security numbers, home addresses, bank account numbers, employment start dates, paycheck periods, remuneration, and other payroll-related information were all included in the data.
Since 2001, Frontier Software has been managing payroll for the state of South Australia.
The government claims on its website that it “conducts regular independent security testing and evaluations” of Frontier Software.
Frontier Software was targeted on November 13 and notified its customers on November 16 of a “cyber incident,” according to the company. Its systems were restored on November 17, according to the company.
“Frontier Software and CyberCX’s ongoing forensic investigation and other response actions have now established evidence of some data exfiltration from Frontier Software’s internal Australian corporate environment,” it stated.
“Within this compartmentalized environment, we have found no evidence of compromise or exfiltration.”
“We’ve also discovered that some of the information stolen from our internal corporate network pertains to a small number of Frontier Software clients.” We’re in the process of contacting these clients individually to let them know they may be affected.”