Cybercrime detectives are investigating a significant data breach involving the New South Wales Department of Communities and Justice (DCJ), in Australia. The breach, which was detected on March 25, 2025, was identified on the NSW Online Registry website, a secure online platform that provides access to sensitive civil and criminal case information across the New South Wales court system. Approximately 9000 confidential court files, including apprehended violence orders, affidavits, and other sensitive documents, were illegally downloaded, potentially exposing individuals to serious privacy violations and risks.
Immediately upon detection of the breach, officers from the State Crime Command’s Cybercrime Squad launched an investigation under Strike Force Pardey.
DCJ is working closely with cybercrime detectives to assess the full scope of the breach and implement containment measures. The investigation aims to identify how the breach occurred and whether any additional data has been accessed or compromised. As of now, no sensitive data has been made publicly available, but authorities are still working to determine the potential risks involved.
The Department of Communities and Justice acted quickly in response to the breach, prioritizing user data protection and implementing measures to prevent further compromise. The breach has been reported to both Cyber Security NSW and the NSW Police Cybercrime Squad. This has triggered an ongoing police investigation into the breach’s origins and the individuals responsible.
DCJ has expressed its commitment to informing the affected individuals as quickly as possible once the details of the breach are fully assessed.
Despite the severity of the breach, DCJ remains determined to maintain the security of its online systems and ensure that further data vulnerabilities are addressed. Authorities are continuing to monitor the situation and evaluate any additional security improvements that can be implemented. The investigation is ongoing, and law enforcement will continue to work closely with DCJ to understand how the breach was executed and prevent future occurrences.
Reference:
