Staff of IP Australia have been advised to change their passwords, to take care opening emails and to avoid possible telephone scammers following a breach of online security at the Agency’s online service provider, PageUp.
PageUp, a human resources cloud service provider, announced it was investigating a security incident after its systems were compromised by an unauthorised person following a malware infection on 23 May of this year.
It later confirmed that IP Australia’s recruitment module was compromised on that date.
In a statement, IP Australia said it was among a number of Australian and international organisations that had been impacted by the data security incident.
“The IP Australia data that has been breached includes names, IP Australia email addresses, commencement dates, classification and the Australian Government Service numbers of staff,” IP Australia said.
“Cybersecurity experts have now confirmed that they have not identified any further threats to the PageUp system and that it is now safe to use.”
It said however that as IP Australia itself did not know who had accessed the information involved in the breach, it advised staff to be extra vigilant.
“IP Australia has obligations under the Privacy Act 1988 to take reasonable steps to protect the personal information it holds,” the statement said.
