A served used by the SunWater statutory Queensland (Australia) Government-owned water supplier was compromised and threat actors remained undetected for nine longs months, the annual financial audit report published by the Queensland Audit Office revealed.
The water supplier provides bulk water to over 5,000 customers and water consultancy services to several government clients in the Wide Bay–Burnett and North West regions of Queensland. SunWater manages 19 major dams and 1,600 miles long pipelines.
The hacked server was used by the company to manage customer information for the Queensland water supplier.
The security breach took place between August 2020 and May 2021, the intrusion has been attributed to a financially motivated attacker that deployed a custom implant to redirect visitor traffic to an online video platform.
It seems that attackers did not exfiltrate sensitive data from the compromised server.