NSW Labor is warning the Government’s latest data breach could expose taxpayers to billions of dollars in compensation claims.
According to the Information and Privacy Commission, compensation of up to $40,000 is payable from public sector agencies to people who suffer loss or damage as a result of a privacy breach. If the maximum penalty for the latest breaches was applied up to $7.44 billion in liability could be pursued.
Cyber criminals stole 3.8 million documents relating to 186,000 people’s files at Service NSW. This potentially includes birth certificates, credit card details, medical records, financial information, firearms registration, kids active vouchers, sensitive business details and legal enforcement information.
The Shadow Minister for Better Public Services Sophie Cotsis said:
“Where is the Minister for Customer Service, Victor Dominello?
The NSW Auditor-General identified serious cybersecurity weaknesses in State Government agencies last year, yet this government failed to act.Now taxpayers could be forced to foot the bill for this Minister’s mismanagement of Service NSW, a hugely important agency that eight million people depend on.”
DOMINELLO’S DATA DISASTERS
- September 2020: Confirmation cyber criminals stole 3.8 million documents relating to 186,000 people from Service NSW
- August 2020: More than 50,000 driver licences exposed
- June 2020: Transport for NSW experienced a major system outage, was attributed to a malicious hack
- December 2019 – Auditor-General reports 47 percent of NSW Government agencies are at ‘maturity level zero’ for use of eight essential cyber security strategies recommended by the Australian Cyber Security Centre
- November 2019 – Auditor-General reports 3,324 data breaches across NSW Government agencies
NSW Labor is demanding the Minister apologise for the latest breach.
“If it’s good enough for Mark Zuckerberg and the CEOs of Zoom, Yahoo, Marriott International and British Airways to apologise for data breaches, then Victor Dominello must do the same,” Ms Cotsis said.
CORPORATE RESPONSIBILITY FOR DATA BREACHES:
2020 – Zoom CEO Eric Yuan apologises
2019 – Marriott International Inc Chief Executive Arne Sorenson apologises
2018 – Facebook CEO Mark Zuckerberg apologises
2018 – British Airways CEO Alex Cruz apologises
2017 – Former Yahoo Chief Executive Marissa Mayer apologises
2017 – Equifax CEO Richard Smith resigns
2014 – Target CEO Gregg Steinhafel resigns
“The Government must strengthen our State’s defences against cyber-attacks and guarantee records at Service NSW are safe and protected,” Ms Cotsis said.
NSW Labor introduced Mandatory Notification Private Members Bill, which the Government voted against.
A Cybersecurity Inquiry has been established and submissions close on 20 September.