Déjà vu for Super SA members after new data breach

The same 14,000 members of a state public service superannuation fund caught up in a 2019 data breach have had their personal information exposed once again.

Oct 19, 2023, updated Jan 30, 2024
Photo: InDaily.

Photo: InDaily.

Treasurer Stephen Mullighan confirmed the data breach yesterday in state Parliament, and said today it involved the same Super SA members impacted by a 2019 data breach.

Mulligan told Parliament the breach occurred nearly two months ago but that he “was only advised … late last week”.

The Treasurer said the latest breach was not an attack on Super SA servers; rather, members’ data was stolen from a call centre employed by the government in 2019 to manage calls following the initial breach.

“There was a significant cyber security breach in 2019, and at that time when Super SA was looking for some support to help them deal with what would be an influx of calls they engaged a South Australian call centre provider to manage some of those calls,” Mullighan told ABC Radio Adelaide this morning.

“It now is clear that the call centre provider has – contrary to their obligations – held onto the data set that was provided to them back in 2019 and it’s the call centre that has had that same data set now breached in recent times.

InDaily in your inbox. The best local news every workday at lunch time.
By signing up, you agree to our User Agreement andPrivacy Policy & Cookie Statement. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

“That was actually not detected by the call centre, that was actually detected by the government in the monitoring activities that we undertake and that’s been worked through over a period of the last two months to try and verify exactly what information has been accessed and what has happened to that information.”

The revelation comes as the government promotes Cyber Awareness Month with a theme of  “Be cyber wise, don’t compromise” on its social media channels.

Opposition treasury spokesman Matt Cowdrey accused the state government of keeping the latest breach a “secret”.

“It is incredibly concerning and quite frankly astounding that this cyber attack happened almost two months ago yet was only made public to South Australians under questioning from the Opposition,” he said.

“It’s completely unacceptable that Peter Malinauskas and Stephen Mullighan were advised about this cyber attack last week, but kept it secret and haven’t done a thing to assure South Australians that their data is safe.”

Local News Matters
Copyright © 2024 InDaily.
All rights reserved.