OracleCMS ransomware attack exposes data of Australian councils
WEST MELBOURNE, AUSTRALIA—Outsourcing firm OracleCMS reported a significant cybersecurity incident, revealing that unauthorized access was gained to a segment of its data. Certain files were subsequently published online.
The breach has been attributed to the notorious ransomware group Lockbit 3.0, which had previously set a deadline for the company to make contact and negotiate by April 16 — a deadline that the company apparently did not meet.
Immediate response and impact assessment
Upon discovering the breach, OracleCMS promptly engaged external cybersecurity experts to secure its systems and commence a thorough investigation.
The company’s initial findings suggest that the compromised data primarily includes corporate information, such as contract details, invoices, and triage process workflows.
OracleCMS has reassured that any personal information involved is likely limited to basic contact details found in contracts and invoices, presenting a low risk of misuse.
The firm expressed regret over the incident, stating, “We understand this news may cause concern, and we are deeply sorry that this has happened. We are committed to keeping our stakeholders updated as we work to respond to this incident.”
Australian councils and other clients affected by data breach
The breach mainly affected several cities and councils in the state of Victoria, Australia.
The Cyber Express reported that the affected cities known to have issued official data breach notices include Knox City, the City of Port Phillip, Manningham Council, Whitehorse City Council, and the City of Monash
The Cyber Daily also wrote that more than a dozen local councils were on the list, including the Campbelltown Council, Tweed Shire Council, and Dandenong City Council, among various other government entities.
These councils are now taking measures to mitigate the impact, including halting further data collection by OracleCMS and rerouting urgent calls directly to their staff.
Other clients included in the leak include several different law firms, a real estate agent giant, and the Queensland branch of the Philadelphia Church of God.
Ongoing investigations and mitigation efforts
OracleCMS is continuing its investigation into the breach and has begun contacting client organizations that have been identified as potentially impacted.
The company added that it is working closely with these clients to provide the guidance and support needed to address and mitigate any risks associated with the data breach.
In the meantime, OracleCMS has issued several safety recommendations for affected parties to protect themselves from potential misuse of the leaked data. The company is also reportedly focusing on resolving the incident and ensuring such breaches are prevented in the future.