The NSW Chief Cyber Security Officer has downgraded the recently declared ‘significant cyber incident’ allegedly involving a Treasury staff member.
Marie Patane’s declaration comes after the Taskforce the Government established in response to the data breach confirmed:
- The incident has been contained and is now in the recovery phase; and Agencies have implemented appropriate remediation measures.
“While legal reviews are continuing, efforts to date to determine any potential impacts on active or past government procurements show that no project has been adversely affected,” said NSW Treasurer, Daniel Mookhey in a statement.
“I thank again Cyber Security NSW, the Taskforce, NSW Treasury and the NSW Police for their rapid actions since the breach was discovered, including launching Strike Force Civic.”
On 20 April, the NSW Government declared the significant cyber incident following the data breach.
At the time, the Government said internal security monitoring had detected a suspected transfer to an external server of a substantial cache of documents containing confidential commercial and financial information. The files covered multiple NSW Government departments and projects.
NSW Treasury reported the matter to NSW Police, which then launched an investigation under Strike Force Civic, leading to criminal charges.
“While the police are continuing their investigation, they believe all the alleged stolen data has been located, is now secure, and there was no external compromise to the agency’s system,” the Treasurer said.
The matter remains before the courts and is subject to an internal investigation.
