Aboriginal child protection service contracted by SA government hit by data breach
An Aboriginal community organisation that provides services to children under government protection in South Australia has been hit by a data breach, impacting about a thousand community members.
Key points:
· Aboriginal Family Support Services (AFSS) detected the data breach on November 27
· Personal information, such as payment details and identification documents, may have been compromised
· The child protection department said there was no access to, or any breach of SA government IT systems
The Department for Child Protection said Aboriginal Family Support Services (AFSS), which is contracted by the South Australian government, detected the breach on November 27.
The department said personal information, such as payment details and identification documents, may have been compromised.
It said there was no access to, or any breach of state government-operated IT systems.
"AFSS is making active efforts to contact people affected by the data breach and advise them on steps they can take to protect their personal information," the department said in a statement.
"No AFSS services have been impacted and the organisation's staff continue to deliver services to the community."
AFSS is a non-government organisation that provides services in child welfare, child protection, family support and family based foster care, the department said.
Personal information, such as payment details and identification documents, may have been compromised.(ABC News: Guido Salazar)
Department for Child Protection deputy chief executive Adam Reilly said the department was working with AFSS to assess the impact of the incident.
"The state government takes the privacy and confidentiality of personal data seriously and we are working with AFSS to help ensure those who may have been affected can access the support they need," Mr Reilly said.
"Events such as this serve as a continuing reminder of the need to be vigilant about our personal security and having a prudent approach to information protection."
The department said the incident has been reported to the National Office of Cyber Security and the Office of the Australian Information Commissioner.
It follows a breach in October when the state government confirmed that Super SA had been impacted by a cyber security breach.
SA Health said "unintentional human error" by patient portal Personify Care allowed an "unauthorised third party" to delete a folder used to store the information of 121 patients and phone numbers of 12,000 others.