Yesterday afternoon, South Australia's Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack.
mySA Gov is the South Australian government's online platform and app that provides residents with single account access for the state's services, such as checking into a venue or completing transactions for vehicle registration.
The department said hackers accessed these accounts as account holders used the same or a similar password for their mySA Gov account as they had used for their account with an unrelated website. The hackers then used the passwords they had obtained from the unrelated website to access a number of mySA GOV accounts.
The department did not provide details about the unrelated website.
According to the ABC, 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information.
The department became aware of the breach on Tuesday, and has since blocked people from logging in if compromised passwords are used. It has also notified affected accountholders by email of the potential access to their account.
The department said there was "no evidence of any unauthorised transactions" on the impacted accounts.
"It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts," the Department for Infrastructure and Transport said in a statement.
"This is timely reminder to all mySA Gov account holders and South Australians more generally to always set complex passwords and do not use the same password for more than one account."
As details could have been accessed by an unauthorised third party, the department has also encouraged all affected account holders to change their driver's licence number by attending a Service SA Centre.
- Service NSW reveals 738GB of customer data was stolen during email breach
- Clearview AI slammed for breaching Australians' privacy on numerous fronts
- 519 data breach notifications include 33 from Australian government entities
- NSW Health wants to send electronic alerts to parents about their kid's routine health checks