Cybersecurity Incident - update #4

Published on 13 April 2023

2022-Web-Tile-Icons-05_COUNCIL

Data continues to be forensically analysed after preliminary reviews by cybersecurity experts found a wholesale breach on Isaac Regional Council’s systems was “unlikely”.

CEO Jeff Stewart-Harris PSM said Council will continue to work diligently with Dell’s cybersecurity incident response team.

“Data protection is a priority, and we will leave no stone unturned in our lines of inquiry,” Mr Stewart-Harris said.

“We will continue to take action to protect Council’s customers, our people and stakeholders and the information we hold.

“The initial forensics have found there has not been a wholesale breach of personal data or anything like that. We need to wait until the investigation is complete to officially verify this.

“We've been able to track some potential entry points for the ransomware. The likely scenario was through a phishing email and maybe clicking a link. We are not entertaining any ransoms of locked data.”

Ransomware is where a hacker locks system files - typically through encryption - and demand a payment to decrypt and unlock them.

Mr Stewart-Harris said the incident response team have been working to restore the IT environment to allow Council to start the recovery work.

“We’ve accelerated the already-planned email migration as another form of communication with community and customers,” he said.

Council’s customer service team is available at Isaac Regional Council offices and libraries to support our communities. 

EFTPOS capabilities are available at all customer service centres, in person or over the phone via the (07) 2104 5417 while the 1300 ISAACS phone system remains offline as cybersecurity investigations continue.

Council has reminded customers to stay vigilant for possible scams and said it will never contact customers requesting passwords or other sensitive information.

The investigation into the cybersecurity incident has been ongoing since Saturday, 1 April 2023.

 

Tagged as: