Thousands of sensitive court files have been leaked in a major data breach of a NSW government website, amid fears of drastic consequences for protected persons.
Cybercrime detectives from the NSW State Crime Command have launched an investigation into the breach involving the state’s Department of Communities and Justice (DCJ).
Police were alerted of the breach to the NSW Online Registry Website, a secure platform offering access to information in civil and criminal cases on Tuesday.
‘Detectives… are working closely with DCJ in order to contain the breach after 9000 sensitive court files were downloaded’ a police spokesperson said.
Apprehended violence orders and affidavits were among the compromised documents.
This means there could be severe consequences for those who have applied for an AVO, according to Redfern Legal Centre Samantha Lee.
‘There’s a drastic concern around the safety of the protected person,’ she told the Sydney Morning Herald.
‘People certainly are apprehensive to give statements in terms of AVO proceedings and would be absolutely distraught to find out that information may have become public.’
NSW Police said affidavits and apprehended violence orders are among the 9000 files leaked from the NSW Department of Communities and Justice (stock image)
Names and addresses of victims and offenders, as well as accounts of alleged offending, could be included in these documents.
‘There’s so much private personal safety information put onto the court registry.
‘There needs to be absolute certainty to guarantee privacy… otherwise the trust in that system will quickly erode.’
NSW Attorney-General Michael Daley said the department and police were taking the incident seriously and working to ensure the integrity of the system following the ‘significant’ leak.
‘They are also working to urgently identify and contact affected users and the public will be kept updated as more information becomes available,’ he said.
A Department of Communities and Justice spokesperson told Daily Mail Australia it takes cyber security ‘extremely seriously’.
‘DCJ has identified a data breach and implemented mitigation strategies to contain it,’ they said.
‘No data has been made public as a result of the breach.’
NSW Attorney-General Michael Daley has said the Department of Communities and Justice and police are taking the major data breach seriously
‘DCJ is working to urgently identify and contact affected users and will provide updates as more information becomes available,’ they said.
All state public sector employees and contractors are required to take mandatory privacy and cyber security training each year.
Police said the investigations is ongoing as they attempt to understand the full extent of the breach.
People who fear their details have been compromised are urged to make a report to ReportCyber.
