Visit our COVID-19 page for information and advice on the assistance available for NSW residents and businesses

Service NSW news articles and media releases are point-in-time statements. Please note the date of issue.

Service NSW is in the final stages of analysis into the cyber attack earlier this year on 47 staff email accounts and is now working to notify customers who had personal information in the breach.

Identified customers at risk will be notified by person-to-person registered Australia Post which they’ll have to sign for. The letter will be personalised and include important information about data accessed during the breach and how to get support.

Service NSW will never call or email a customer out of the blue requesting customer information about this or any other data breach.

“The investigation, which began in April, engaged forensic specialists to analyse 3.8 million documents in the accounts. This rigorous first step surfaced about 500,000 documents which referenced personal information,” said Service NSW CEO Damon Rees.

“The data is made up of documents such as handwritten notes and forms, scans, and records of transaction applications.”

“Across the last 4 months, some of the analysis has included manual review of tens of thousands of records to ensure our customer care teams could develop a robust and useful notification process.”

“We are sorry that customers’ information was taken in this way.”

“Our focus is now on providing the best support for approximately 186,000 customers and staff we’ve identified with personal information in the breach,” said Mr Rees.

The registered mail will be sent progressively as the data is validated, with the notifications due to be completed in December.

NSW Police are working closely with Service NSW as they assess potential lines of inquiry about the criminal attack. Service NSW has also regularly briefed Cyber Security NSW and the Information and Privacy Commissioner.

There is no evidence that individual MyServiceNSW Account data or Service NSW databases were compromised.

Service NSW has already added additional security measures to protect against this type of attack. Service NSW is among the agencies to benefit from a NSW Government investment of $240 million over three years to further enhance the security of customer information.

Independent cyber support community service IDCARE has partnered with Service NSW to provide an additional level of expert support.

IDCARE Managing Director Professor David Lacey said the innovations being applied by Service NSW are unique and will have a considerable positive impact on the response.

“The approach Service NSW has taken will set a new benchmark on what proactive protections can be put in place from an impacted person perspective, and it provides a roadmap for treating individual risk,” said Professor Lacey.

Among the support being offered to affected customers:

  • A new Service NSW hypercare team able to help customers on a case by case basis including help with documents that may need to be replaced.
  • Access to the cyber support community service IDCARE who will provide an additional level of expert support.

If a customer has any doubt about a contact from Service NSW about this or any other security matter, they should call the Service NSW contact centre on 13 77 88.

Service NSW has made several updates to the cyber incident URL to keep the community informed. The site has been updated with the latest information about the response.

Service NSW cyber incident