By Tanya Steele
Knox Council was among several councils to fall victim to a recent cyber security breach involving OracleCMS which manages the customer calls to Council outside business hours.
The breach included Manningham, Whitehorse and Monash Council and all councils posted news of the incident to their websites between 19 and 24 April.
General Manager of Operations from Oracle CMS Mark Needham said that the breach itself was actually a breach of Oracle CMS data.
“No, council, residential or personal identifiable data was breached – It is only our data, which included some general some standard contract and some invoices,” he said.
Mr Needham said the frequency of cyberattacks can happen daily to many companies but the security his company has in place activated as expected.
“We’re quite vigilant with our security, but it is something that can happen,” he said.
“The security that we have in place, across all of our main systems that do have sensitive data – we were very happy with how that performed.”
Knox City Council posted to their website on 19 April and said that Knox City Council systems have not been compromised.
“Council has been advised by OracleCMS that no customer information has been accessed. An independent investigation is underway to confirm this,” the news post read.
Knox Council said that if any customer data has been found to have been accessed, customers will be contacted directly and provided with advice and guidance to reduce the risk of their information being misused.
“As a precaution, we have instructed OracleCMS not to collect any customer information and transfer any urgent requests directly to our on call staff until further notice.
We take the security of our customers information very seriously and apologise for the concern this will cause to our customers. We will provide updates as they come to hand,” the post read.
OracleCMS is still working with government authorities and a cyber security expert to address the incident.
“We’ll go through that process and do the due diligence – at the moment we’re completing that right now with those departments,” Mr Needham said.
“We do work with government clients, and they need to ensure that there’s no further breach other than our own data, which has been the case,” he said.
As a precautionary measure, Knox City Council posted cyber security safety tips online and said that the council would never contact community members to ask for usernames or passwords.
For more information follow the guidance from the Victorian Government on how to Recover from a data breach | vic.gov.au (www.vic.gov.au).
