Shoalhaven residents are not expected to be impacted by a data breach at the company that operates Shoalhaven Council's out of hours call centre.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
OracleCMS provides an after hours call centre for Shoalhaven and a range of other councils across Australia.
OracleCMS said it had become aware of a cyber security incident in which a third party gained unauthorised access part of the company's data and had published files online.
The company said it had engaged external cyber security experts to help secure the company's systems and investigate the incident.
"Available evidence suggests that the impacted data is limited to corporate information, contract details, invoices, and triage process workflows," the company said.
"Any personal information, if present, is anticipated to be basic contact information as appears in contracts and invoices.
"We are advised that this data presents a low risk of misuse," OracleCMS said.
"We have contacted the client organisations which our investigation has identified as potentially impacted and we will be working with them to notify those who require guidance and support to mitigate the risk of data misuse.
"We understand this news may cause concern, and we are deeply sorry that this has happened.
"We are committed to keeping our stakeholders updated as we work to respond to this incident," the company said.
Shoalhaven Council said it was not aware of Shoalhaven customer data being affected by this breach.
It said OracleCMS was working with government authorities to investigate the incident.
OracleCMS has provided advice as a precautionary measure, allowing people to consider how they can best protect their data from misuse if their contact details are exposed.
It said when a third party has accessed, downloaded or disclosed your contact information, it is important to:
- Be aware of email, telephone and text-based scams. Do not share your personal information with anyone unless you are confident about who you are sharing it with;
- When on a webpage asking for your login credentials, take note of the web address or URL ('Uniform Resource Locator'). The URL is located in the address bar of your web browser and typically starts with https://;
- If you are suspicious of the URL, do not provide your login details. Contact the entity through the usual channels to ensure you are logging into the correct web page. Please note that we will never contact you to ask for your username or password;
- Enable multi-factor authentication for your online accounts where possible, including your email, banking, and social media accounts;
- Ensure you have up-to-date anti-virus software installed on any device you use to access your online accounts;
- Check the strength of your passwords and whether they have been involved in any data breaches on the NSW Government password checker website: https://www.nsw.gov.au/id-support-nsw/passwords; and
- Follow the Australian Competition and Consumer Commission's Scamwatch guidance for protecting yourself from scams here: https://www.scamwatch.gov.au/get-help/protect-yourself-from-scams/.
