Cyber Incident Victim: mySA Gov
Date: Nov 2021
Location: Australia
Summary
A cyber attack compromised mySA Gov accounts through credential stuffing, where attackers reused passwords obtained from an unrelated website to access the South Australian government's online service platform. The breach affected 2,601 accounts, exposing driver's licence and vehicle registration details in 2,008 instances. The Department for Infrastructure and Transport detected unauthorized access, blocked logins using compromised credentials, and notified impacted users, though no evidence of fraudulent transactions was found. Affected individuals were advised to change their licence numbers due to potential data exposure. The incident underscored risks associated with password reuse across multiple accounts.
Description
On November 2, 2021, South Australia's Department for Infrastructure and Transport confirmed a cyber attack compromising mySA Gov accounts. The attackers accessed accounts by exploiting password reuse, utilizing credentials obtained from an unrelated external website to gain unauthorized entry. mySA Gov serves as the state's centralized online platform for services including venue check-ins and vehicle registration transactions. The department did not disclose the identity of the unrelated website or the timeframe of initial compromise but confirmed detection of the breach on November 2. According to reports, 2,601 accounts were accessed without authorization, with 2,008 containing sensitive driver's licence and vehicle registration details. No evidence indicated unauthorized financial transactions occurred within the compromised accounts.

The department implemented immediate containment measures, blocking logins attempted with known compromised passwords. Affected account holders received email notifications regarding potential unauthorized access to their information. Officials mandated password resets for impacted users, explicitly advising against reusing passwords across multiple accounts. As a precaution against potential identity misuse, the department urged affected individuals to visit Service SA Centres to change their driver's licence numbers. Public statements emphasized the necessity of complex, unique passwords for all accounts while refraining from attributing the attack to specific threat actors or detailing technical intrusion methods. The incident underscored risks associated with credential reuse across online services.
