Tasmania’s government has confirmed that a third-party system used by several state agencies has been hit by a cyberattack. Hackers managed to steal pupil data from the student management software platform, VETtrak, which its developer, ReadyTech, supplies to various Tasmanian government departments. This platform is utilized by the Department for Education, Children and Young People, along with the state’s fire services and health department.
ReadyTech first notified the Australian Securities Exchange (ASX) of the security incident on October 17. At that time, the company stated it had immediately isolated the platform as a precaution and began an investigation into the breach. While the Tasmanian government initially said there was no evidence that sensitive student information had been accessed, it declined to comment on the number of student records that may have been impacted.
However, ReadyTech released an update to the market on October 24, confirming that cybercriminals had managed to post “a small number” of documents containing personal information originating from the platform online. The company has since reported the incident to the Australian Federal Police and updated the Australian National Office of Cyber Security and other relevant government agencies.
In their communication, ReadyTech urged the public not to attempt to access the posted data, stating that doing so would only support the cybercriminals’ business model and could potentially constitute a criminal offense. The company confirmed it is actively responding to this recent development and taking appropriate steps to manage the breach.
The Tasmanian Department of Premier and Cabinet also issued a public warning that malicious actors might attempt to use the stolen data to pursue other kinds of fraud. The department strongly encouraged all citizens to be cautious and report any suspicious activity they encounter.
Reference:
