This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Frontier Software

Summary

Frontier Software, a third-party payroll provider to the South Australian government, suffered a ransomware attack in December 2021 that compromised personal data of approximately 80,000 public servants. The breach exposed highly sensitive information including bank account details, tax file numbers, and addresses, forcing the Australian Taxation Office to lock thousands of myGov accounts as a precautionary measure.

What Happened

Frontier Software, which processes payroll for SA government agencies, was targeted by a ransomware attack that allowed unauthorised access to employee data. The attackers gained access to the payroll system and exfiltrated personal information before encrypting systems.

The breach affected employees across multiple SA government departments and agencies. The compromised data included bank account numbers (BSB and account numbers), tax file numbers, home addresses, phone numbers, email addresses, and dates of birth - essentially all information needed to commit identity theft or fraud.

Impact on Individuals

The breach exposed some of the most sensitive personal and financial information possible. Affected individuals faced serious risks including:

  • Identity theft: Tax file numbers and dates of birth can be used to impersonate victims with government agencies
  • Financial fraud: Bank account details could enable unauthorised transactions
  • Account takeover: The ATO proactively locked access to myGov accounts for tens of thousands of affected individuals to prevent fraudsters using stolen TFNs

The SA government confirmed almost 80,000 public sector employees were impacted, making this one of the largest public service data breaches in Australian history. Affected employees had to verify their identities to regain access to essential government services through myGov.

Organisational Response

The South Australian government issued breach notices and worked with the ATO to protect affected individuals. The ATO took the unprecedented step of locking tens of thousands of myGov accounts belonging to SA government employees as a protective measure.

Frontier Software engaged cybersecurity experts to investigate the breach and implement remediation measures. The SA government faced scrutiny over its trust in the third-party payroll provider and its data security practices.

The incident highlighted the cascading risks of supply chain attacks, where a single breach at a service provider can expose sensitive data from thousands of employees across multiple government agencies.

Verification Source: View original statement