New South Wales Overall health has confirmed staying impacted by a cyber attack involving the file transfer process owned by Accellion.
The process was broadly employed to share and retailer information by organisations all around the earth, like NSW Overall health, the govt entity claimed on Friday afternoon.
“Next the NSW government’s tips before this year around a entire world-vast cyber assault that integrated NSW government businesses, NSW Health and fitness is notifying men and women whose info may possibly have been accessed in the world wide Accellion cyber assault,” it stated in a statement.
The state entity said professional medical information in public hospitals have been not affected and the computer software involved is no more time in use by NSW Wellness.
“Various sorts of information, which includes identity data and in some cases, health-similar personalized facts, were being integrated in the assault,” it extra.
NSW Health and fitness mentioned it has been performing with NSW Police and Cyber Protection NSW and that to date, there is no proof any of the info has been misused.
See also: How NSW Health and fitness employed tech to answer to COVID-19
“A cyber incident support line has been established up to supply even more details and assistance to those people individuals NSW Health and fitness is getting in contact with,” it explained. “If you are contacted by NSW Health and fitness, you will be presented the cyber incident aid line specifics if you are not contacted by NSW Health and fitness, no action is essential.”
The NSW Law enforcement Force and Cyber Protection NSW have set up Strike Force Martine to ascertain the affect on NSW government businesses that ended up caught up in the assault on Accellion.
Accellion’s file-sharing application, File Transfer Appliance, is an business solution applied to transfer huge data files. Even though now discontinued and supplanted by other computer software these types of as Kiteworks, a zero-working day vulnerability in the legacy software was uncovered in December and has considering the fact that been exploited by attackers in the wild.
It is approximated that some 100 organisations all around the globe were being among these impacted by the breach.
Transport for NSW in February verified getting caught up in the breach.
The Australian Securities and Investments Commission (ASIC) in January reported 1 of its servers was breached previously in the month in relation to Accellion program used by the company to transfer data files and attachments.
Accellion was also used as the vector to breach the Reserve Bank of New Zealand (RBNZ) in January.