Cyber Incident Victim: Anglicare Sydney
Date:
Aug 2020
Location:
Australia
Summary
Anglicare Sydney experienced a malicious cyber attack involving the theft of 17 gigabytes of potentially sensitive data, including records related to adoption, foster care, counseling, and mental health services, though its primary foster care system remained unaffected. The organization refused to pay a ransom and collaborated with law enforcement and national cybersecurity agencies to investigate the breach, which raised concerns about risks associated with outsourcing sensitive government-contracted services. While no direct impact on NSW government systems was confirmed, the incident highlighted vulnerabilities in data security for vulnerable populations served by the not-for-profit.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 31, 2020, Anglicare Sydney experienced a malicious cyber attack resulting in the unauthorized transmission of approximately 17 gigabytes of data to a remote location. The not-for-profit organization, which provides foster care, adoption services, counseling, mental health support, disability care, and aged care under contract with the NSW Department of Family and Community Services (FACS), confirmed the incident publicly on September 19. While investigators were still working to determine the exact contents of the exfiltrated data at the time of reporting, the organization expressed concern that the compromised information could include sensitive records related to vulnerable populations in its care. Attackers subsequently attempted to extort Anglicare Sydney by demanding ransom payments, likely in cryptocurrency, in exchange for decryption keys or the return of stolen data. The organization explicitly stated it refused to negotiate with or pay the cybercriminals.
The attack prompted involvement from multiple investigative bodies, including NSW Police and the Australian Signals Directorate, Australia's national cybersecurity agency. Anglicare Sydney emphasized that its primary Out of Home Care program system, which manages foster care operations, remained unaffected. The NSW Department of Communities and Justice reported that government cybersecurity teams responded swiftly to potential threats arising from the breach, with Cyber Security NSW confirming no observed impacts on state government systems or services. Public Service Union General Secretary Stewart Little raised concerns about data security risks associated with FACS granting external organizations like Anglicare direct portal access to sensitive information involving at-risk children. This incident occurred against the backdrop of Anglicare Sydney's earlier challenges managing a COVID-19 outbreak at its Newmarch House aged care facility, though no connection between the two events was indicated in available reporting. The organization cautioned that public discussion of the cyber attack risked causing distress to vulnerable clients while investigations remained ongoing.