Sensitive data on schoolchildren and their parents has been accessed and published on the dark web as part of a major hack on a Tasmanian Government department.
The state government is now investigating the theft of data from the Department for Education, Children and Young People, which occurred through a third-party transfer service, GoAnywhere MFT.
Investigations indicate a risk financial data from the department, including names, addresses, invoices and bank account numbers had been accessed by hackers.
Data accessed by the hackers was released on the dark web on Friday morning according to cyber security experts who released screenshots.
Russian hacker group cl0p is behind the cyber attack and only released a “sample” of the data accessed, which is believed to contain the information of thousands of students and teachers.
Australian mining giant Rio Tinto was also caught up in the hack and was contacted with demands for money, according to Opposition IT, science and technology spokesperson Jen Butler.
Ms Butler did not know if the government had been contacted with a ransom.
“We’re not sure if a ransom has been demanded, but these Russian hackers don’t mess around,” Ms Butler said.
“They are a very sophisticated criminal group.”
She said it was “hard to know” just how many people had been caught up in the data breach.
“We know that every primary school across Tasmania has been listed as compromised and that information from some primary schools has been put on the dark web,” she said.
The Minister for Science and Technology Madeleine Ogilvie has said the government is bolstering security over the Easter break.
“Additional resources will be deployed over Easter in case the improper release of data is detected,” she said.
Ms Ogilvie is due to give a press conference on Friday afternoon with an update about the situation.
More to come.