Cyber Incident Victim: Queensland Early Warning Network
Date: Jan 2019
Location: Australia
Summary
A hacker compromised the Queensland Early Warning Network (EWN), an Australian emergency alert service, sending unauthorized spam alerts via SMS, landline, and email. The messages claimed the system was breached and personal data insecure, instructing recipients to contact support to unsubscribe. Access was obtained using stolen credentials from an authorized user, though the method of theft and full scope remain unclear.
Description
On or around January 5, 2019, an unauthorized third party compromised the Queensland Early Warning Network (EWN), a service operated by Australian company Aeeris designed to disseminate emergency alerts for extreme weather, fires, evacuations, and incident responses. The attacker used stolen credentials belonging to an authorized user to access the system, though the method of credential theft remained unspecified. Once inside, the hacker distributed spam alerts via the network’s SMS, landline, and email notification channels to an undetermined number of subscribers. The fraudulent messages stated, "EWN has been hacked. Your personal data is not safe," and instructed recipients to contact [email protected] to unsubscribe from the service. This misuse of critical infrastructure disrupted the platform’s intended function of delivering life-saving emergency information.

EWN confirmed the breach occurred over the weekend and attributed it to compromised credentials, though it did not disclose whether multi-factor authentication was in place or how the credentials were obtained. The company did not report any evidence of personal data exfiltration; the only reference to data exposure was the unauthorized alert’s own claim about data safety. The incident exposed vulnerabilities in a system relied upon by Australian local governments for public safety communications, though no operational interference with legitimate emergency alerts was documented. EWN’s public acknowledgment focused on the credential-based access vector without elaborating on containment measures or forensic findings. The spam campaign’s full reach and potential secondary impacts, such as subscriber distrust or service disruptions, were not quantified in available reports.
