Posted on: 26 October 2023
It’s been revealed the data of thousands of Super SA members – including names, addresses, dates of birth and drivers licence details – were exposed to the dark web for at least three weeks following a major cyber security breach.
Under questioning during Parliament’s Budget and Finance Committee, Department of Treasury and Finance executives revealed a threat on the dark web was first identified on the 18th of August by the Department of Premier and Cabinet’s cyber security team.
The data linked to more than 14,000 Super SA members wasn’t removed from the dark web until the 8th of September – three weeks later.
The committee heard this set of data was not exposed to the dark web during the initial 2019 Super SA cyber attack.
The alarming incident only came to light after questioning from the Opposition in Parliament on Wednesday last week.
Shadow Treasurer, Matt Cowdrey, said it’s unacceptable the Malinauskas Labor Government didn’t notify South Australians of this cyber security breach at the first available opportunity.
“South Australians deserve transparency when it comes to their data and cyber security threats – especially when their personal details are being exposed on the dark web,” Mr Cowdrey said.
“We know Labor is addicted to secrecy, so we have serious doubts over whether Peter Malinauskas or Stephen Mullighan were ever going to make this alarming incident public.
“That the names, addresses and dates of birth of more than 14,000 public servants were exposed to the dark web for at least 21 days is frightening to say the least.
“Peter Malinauskas and Stephen Mullighan need to explain why they didn’t feel the need to let the public know that this data had been exposed to the dark web straight away. Super SA members deserved better.”
Shadow Minister for Finance and Tax Reform, Heidi Girolamo, said the Malinauskas Labor Government needs to reassure South Australians they’re taking cyber security seriously.
“In today’s world, cyber attacks are becoming more and more frequent, and Labor’s handling of this latest major attack has South Australians worried over the safety of their personal information,” Ms Girolamo said.
“Transparency is the key to trust, so it’s disappointing we’ve only learned the details of this cyber attack through questioning in Parliament.
“There are clearly some significant gaps here which need to be addressed and Peter Malinauskas and Stephen Mullighan must work hard to restore South Australians’ confidence that protecting their private data is a priority.”