Cyber Incident Victim: Transport for New South Wales

In late May 2016, the New South Wales transport department experienced a cybersecurity breach targeting the NSW Trainlink online booking system. The incident occurred approximately one week prior to the department's May 29 public statement, placing the attack around May 22, 2016. While initial reports indicated unauthorized access to the booking platform, subsequent investigation revealed no evidence of data exfiltration. The transport department confirmed that neither personal information nor credit card details had been compromised during the breach. The attack specifically impacted the digital reservation infrastructure but did not extend to other operational systems within the Transport for NSW network. No technical details regarding the attack vector or intrusion method were disclosed in official statements.

The department publicly addressed the incident through a formal announcement on May 29, 2016, emphasizing the containment of the breach and the integrity of customer data. Their response focused on verifying the absence of data theft through forensic analysis of system logs and transaction records. The statement served to update previous reports about the breach while reassuring customers about the safety of their financial and personal information. No service disruptions or operational impacts beyond the booking platform were reported following the incident. The investigation concluded that while unauthorized access occurred, the attackers failed to extract sensitive data from the compromised system. Transport for NSW maintained normal operations across all other services throughout the incident response period.