Tasmania’s government has confirmed that a third-party system used by several state agencies has been hit by a cyberattack.
Hackers have managed to steal pupil data from student management software platform, VETtrak, which its third-party developer, ReadyTech, supplies to several Tasmanian government departments.
ReadyTech first notified the ASX of the incident on October 17. At the time, it said that it had begun an investigation into the incident and isolated the platform as a precaution.
VETtrack is used by Tasmania’s Department for Education, Children and Young People, the state’s fire and services, and its health department, is developed by third-party supplier, ReadyTech.
The Tasmanian government said in a statement yesterday there was no evidence that sensitive student information had been accessed.
iTnews asked the department yesterday how many student records had been impacted by the incident. It said it had no further comment to make at this time.
ReadyTech released an update to the market regarding the incident October 24 The company said that it had become aware that cybercriminals had managed to post a “a small number” of documents containing personal information “originating from the platform” online.
The company has reported the incident to the Australian Federal Police.
“In line with government guidance, the company urges that no one tries to access the post or the data, which only feeds the business model of cybercriminals and may be a criminal offence,” ReadyTech said.
“The company is responding to this recent development and is taking appropriate steps. The company has updated the Australian National Office of Cyber Security as well as other relevant government agencies”.
In its statement, the Tasmania’s Department of Premier and Cabinet warned that malicious actors might attempt to use the stolen data to pursue other kinds of fraud.
“We encourage everyone to be cautious and report any suspicious activity,” it said.
