Melbourne, Australia—According to reports, a recent data breach at OracleCMS, a third-party call center operator, exposed sensitive information belonging to Victorian councils. The attack, believed to have been carried out by the LockBit ransomware gang, has sent shockwaves through the region.
While the breach is still under investigation, attackers reportedly gained access to a range of data, including corporate information, contracts, invoices, and triage workflows.
The Victorian Legislative Council (VLC) is the upper house of the bicameral Parliament of Victoria, Australia, the lower house being the Legislative Assembly. Both houses sit at Parliament House in Spring Street, Melbourne
What is OracelCMS?
OracleCMS is a leading outsourcing provider in Australia, serving multiple industries. Our award-winning brand provides Customer Management Solutions and develops various platforms for organizations..
However, the most concerning aspect of this incident lies in the revelation that several Victorian councils were utilizing OracleCMS’ services, as reported by Cyber Daily. It raises the possibility that a significant amount of personal data belonging to residents and businesses in the region, such as financial records, health information, and contact details, may have been compromised.
OracleCMS has become aware of a cyber security incident in which a third party gained unauthorised access to a portion of OracleCMS’ data and has now published files online.
Upon discovery, OracleCMS engaged external cyber security experts to help us secure our systems and investigate the incident.
Available evidence suggests that the impacted data is limited to corporate information, contract details, invoices, and triage process workflows. Any personal information, if present, is anticipated to be basic contact information as appears in contracts and invoices. We are advised that this data presents a low risk of misuse.
We have contacted the client organisations which our investigation has identified as potentially impacted and we will be working with them to notify those who require guidance and support to mitigate the risk of data misuse.
We understand this news may cause concern, and we are deeply sorry that this has happened. We are committed to keeping our stakeholders updated as we work to respond to this incident.
For further information, please contact our dedicated response team [email protected].
As a precautionary measure, we provide the following advice to allow people to consider how they can best protect their data from misuse if their contact details are exposed.
OracleCMS said
According to reports, the exposed data could include names, phone numbers, and even property addresses. Local councils are working to notify potentially affected individuals and are taking steps to mitigate any potential misuse of the exposed data.
This incident is a stark reminder of the ever-present threat cybercriminals pose. Targeting a seemingly innocuous call center operator highlights the interconnectedness of today’s digital landscape and the potential for widespread data breaches.
Be responsible vigilant for any suspicious activity in your accounts as more information becomes available regarding the breach and actions taken by Victorian councils. We’ll provide updates as soon as possible.
Cyber Daily reported
