The ACT Cyber Security Centre is investigating a security breach affecting the email gateway system that supports some ACT Government ICT systems.
Announcing the investigation, the Minister for City Services, Chris Steel said that Barracuda – the email gateway system – identified a vulnerability in its Email Security Gateway and issued a public vulnerability notification on 24 May.
“As part of our routine cyber security measures, the ACT Cyber Security Centre discovered the public notification and investigated,” Mr Steel said.
“The potential vulnerability was detected as being present and the ACT Cyber Security Centre immediately completed a rebuild of the impacted Barracuda system to eliminate any ongoing vulnerability,” he said.
“The investigation has now identified that a breach has occurred and a harms assessment is underway to fully understand the impact specific to our systems, and importantly to the data that may have been accessed.”
Mr Steel said he was confident the actions taken to date had contained the breach and that there was no ongoing threat.
He said Canberrans could continue to use ACT Government online systems with confidence.
“The ACT Cyber Security Centre has stood up the Cyber Incident Management Team and is working with the Australian Cyber Security Centre and Barracuda Networks on the ongoing investigation,” the Minister said.
“This incident is a reminder for everyone in the community to be vigilant about their personal cyber security, including monitoring their personal information online for any suspicious activity.”