An online application used by vehicle examiners to conduct roadworthiness inspections in NSW has been struck by a cyber attack.
Transport for NSW said the authorised inspection scheme (AIS) online application was impacted by a cyber incident in early April.
“During the incident, an unauthorised third-party successfully access a small number of the application’s user accounts,” TfNSW said in a statement on Wednesday.
TfNSW said additional security measures were put in place following the incident and that it is continuing to monitor the application.
AIS is a system “under which vehicles are inspected in NSW”, according to TfNSW. Inspections are carried out for annual renewal or the transfer of registration.
Impacted examiners are now being notified individually to help them “avoid further impacts from the incident”.
“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” TfNSW added.
The incident comes less than 18 months after the agency confirmed it was one of a number of large organisations worldwide to fall victim Accellion data breach.
Both customer and employee data was found to have been accessed in the breach, with iTnews later revealing that this included driver’s licence details.
TfNSW was forced to conduct two rounds of notifications after revising up the number of impacted individuals, including at least 500 customers.
In July 2021, TfNSW was revealed as having low levels of maturity against the Australian Cyber Security Centre's Essential Eight controls.
The audit also highlighted issues with the agency's cyber security culture, with risk information only passed on to senior executives “irregularly”.
