New information has come to light on the cyber-attack of Fire Rescue Victoria (FRV) in December, with the personal information of recruit applicants now feared to have been exposed.
Issuing an update on the incident, FRV said it had earlier stated firefighter recruit applicants were not affected by the cyber-attack.
“As part of our ongoing investigation into the cyber-attack, FRV now has identified that the personal information of firefighter recruit applicants may have been accessed or stolen by a malicious third party in the cyber-attack,” the service said.
“FRV has received confirmation that the criminals who attacked our IT systems on 15 December 2022 have shared FRV information on the ‘dark web’,” it said.
“[It’s] a complex task to access and analyse the data that has been shared on the dark web and our investigations are ongoing.”
FRV said anyone who had ever applied for a firefighter recruit role with FRV or the former Metropolitan Fire and Emergency Services Board (MFB) may have been impacted by the breach.
It said the exposed information could include an applicant’s full name; address; email address; phone number; date of birth; drivers’ licence; passport details; and Tax File numbers.
The Agency said any information that was sent or received via its email system may also have been exposed, such as information about sexual orientation, race, disability, religion, qualifications, employment history or criminal history.
“As there is a risk that personal information may have been accessed or stolen by a malicious third party, we strongly urge all current and former FRV Staff and job applicants to remain vigilant and take steps to protect their identity and credit profile,” FRV said.
“FRV is continuing to take steps to recover our systems and we thank our employees and partners for their ongoing understanding and support,” it said.
“A number of systems, including access to phones and emails, have now been restored.”
FRV said current and former FRV Staff, job applicants and recruits concerned about the potential misuse of their personal information could access free support from IDCARE via its Get Help Web Form using the referral code FRV22.
The IDCARE web form can be accessed at this PS News link.