The company affected by the hacking is Pnors Technology Group, who said its businesses specialised in gathering data and processing documents for a number of external clients, including government departments.

The Herald Sun understands the Department of Education and Training has a contract with the company.

On Sunday, Premier Daniel Andrews said despite the hackers releasing to the company a sample of what is believed to be stolen data, it was too early to say if Victorians’ information had been compromised.

“It’s not definitive but there’s the potential for a breach,” Mr Andrews said.

“They’re (Pnors) working through that, around the clock, and they’re doing that job well.

“As soon as we have confirmation of anyone’s records being compromised, then we will make a statement and we’ll work with any of those people.”

The Premier said it was also too early to say whether data held by the Department of Education and Training, or any other state government department, was compromised by the cyber attack.

“There’s a number of different agencies that potentially may have been involved but I don’t want to go into that until we’ve actually determined what’s happened,” he said.

“You can have a breach, whether anybody accessed anything, took anything, viewed anything, that’s not necessarily the same as the fact that the first firewall was breached.

“So it’s just important that we confirm the facts.”

On Saturday evening, the Premier’s office confirmed it was aware of the hack and was still determining the extent of the information breach.

In a statement, Pnors Technology Group chief executive Paul Gallo said a cyber attack affecting two of its companies – Datatime and Netway – was detected on November 3.

Mr Gallo said the company immediately activated an incident response which included notifying affected clients and bringing in external cyber security experts to assist with the issue.

He said early investigations by experts indicated the hack was limited to systems being encrypted and locked.

“However, overnight the criminals behind the cyber attack released to the company in a private communication a sample of what is believed to be stolen data,” he said.

“Pnors followed strict privacy protocols and notified the Office of Australian Information Commissioner to disclose the data breach.

“The extent of the data breach is still being investigated and we are working closely with all authorities to assess how many of our clients have been impacted and the nature of the data that has been stolen.

“When we were informed about the cyber attack we immediately shut down and isolated all our internal systems and took further measures to secure our network and data, along with pausing all data processing.

“We will be monitoring this ongoing incident 24/7, and will provide an update as soon as we have further information.”

A Department of Premier and Cabinet spokesman said the Victorian government is aware of the cyber incident.

“We are continuing to provide support to Pnors Technology Group to determine the extent of the information breach and to prevent further incidents,” he said.

The Victorian government’s Cyber Incident Response Service has been notified and are taking appropriate action.

“Protecting Victorian data and systems is our highest priority,” the spokesman said.

“If it is determined that Victorian government data has been exposed as a result of this breach, departments will notify impacted individuals and provide advice on steps they can take to minimise any risk.”

Relevant state and federal authorities, including the Australian Cyber Security Centre, Federal Police and government cyber experts were notified.

The Herald Sun has been told the breach is a ransomware attack, however the amount of money the hackers are demanding is unknown.