Nine Entertainment suffers its second cyber attack in less than a year
The personal information of almost 500 of the media company’s current and former employees was stolen in the latest data breach.
Nine Entertainment has been subjected to a second cyber attack in less than a year, with the personal information of almost 500 of the company’s current and former employees stolen in the latest data breach.
The theft relates to employees at Nine Radio, a division of Nine Entertainment.
The staff data was compromised as a result of a cyber attack against Nine’s external payroll software provider, Frontier Software, in November last year.
In a letter to affected employees on Friday, Nine Radio managing director Tom Malone said the media company was unaware that it had been touched by the cyber attack on Frontier until this week.
“Earlier this week Nine Radio became aware that personal information from the month of May 2016 relating to 498 current and former employees, including you, may have been accessed as a result of a cyber attack against an external payroll software provider, Frontier Software,” he said.
“The cyber attack which occurred on November 13 2021, resulted in a file containing
these current and former employees’ personal information from that period being exported from Frontier.
“Prior to this week Frontier had provided us with advice that no personal information of our
employees had been released from their business. The updated advice from Frontier this week is a result of the many weeks of forensic work done by Frontier.”
Mr Malone said the information accessed through the cyber attack includes full names, home addresses, email addresses, telephone numbers, dates of birth, tax file numbers, salaries, payroll ID, and superannuation fund details.
“Frontier has confirmed to Nine that the information has now been deleted by the entity responsible for the cyber attack and we are not aware of any misuse of the information which was accessed from Frontier,” Mr Malone told staff.
In March last year, Nine’s Sydney headquarters was struck down in a ransomware attack, which crippled some of the network’s TV operations, affecting some of its most popular programs.
At the time, the company’s chief information and technology officer Damian Cronan called the attack a “significant, sophisticated and complex” one.
The November attack on Frontier also affected the South Australian government, with the personal records of at least 38,000 employees accessed.
The criminal organisation that claimed responsibility for the attack is known as Conti, assumed to be Russian-based.
Frontier Software, a human resources and payroll management company, provides services to more than 1500 public and private organisations around the world.
In a statement, Frontier Software Australia’s chief executive Nick Southcombe said: “As our technical investigations into the recent cyber incident progressed, we have continued to review the data stolen from the Frontier Software Australia internal corporate environment.
“During this process we have prioritised identifying any customer data that may have been stolen. This review is continuing and now near completion. We promptly contact impacted clients if our ongoing data review discovers any client data that may have been compromised.”