This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Sunwater

Summary

Sunwater, a Queensland government-owned bulk water supplier, was targeted by hackers who maintained undetected access to the organisation's systems for approximately nine months. The prolonged breach of a critical infrastructure provider raised serious concerns about water security and the vulnerability of essential services.

What Happened

Hackers gained access to Sunwater's IT systems and maintained persistent access for about nine months before the intrusion was detected in November 2021. The extended dwell time meant attackers had the opportunity to explore the network, access data, and potentially gain an understanding of operational systems.

Sunwater is a critical infrastructure provider managing water storage and distribution across Queensland, including dams, weirs, and pipelines supplying irrigation, industry, and towns. The breach of such infrastructure created concerns beyond typical data theft, including potential risks to operational technology and water supply systems.

The fact that attackers remained undetected for nine months indicated sophisticated techniques to avoid detection and maintain persistent access to the network.

Impact on Individuals

While Sunwater did not disclose the specific data compromised, the extended access period meant attackers could have obtained:

  • Employee information and internal communications
  • Stakeholder and customer data
  • Operational information about water infrastructure
  • Internal system configurations and security details

The breach of critical water infrastructure also raised broader public safety concerns beyond individual privacy impacts.

Organisational Response

Once the breach was detected, Sunwater engaged cybersecurity experts to investigate the extent of the compromise and remediate affected systems. The organisation worked with government cybersecurity agencies given its critical infrastructure status.

The incident prompted reviews of cybersecurity measures for Queensland's critical infrastructure providers and highlighted the challenges of detecting sophisticated intrusions in industrial and utility systems.
