
Tasmania’s data breach: Government won’t pay hackers ransom, Ogilvie confirms

Tasmania will not pay a ransom to prevent the potential release of more education department data stolen by a Russian hacking gang, as the minister provides an update on the saga.



The data of around 150,000 Tasmanians has potentially been compromised by an exploit of government-contracted data transfer service GoAnywhere.

Minister for Science and Technology Madeleine Ogilvie told reporters on Wednesday that no ransom demand had been received and that any such demand would be rejected.

“The Australian Cybersecurity Centre and the Australian Signals Directorate — which manages this at a national level — their policy is they do not pay ransoms,” she said.

“Tasmania will be adhering to that.

“There has been no new release overnight. So that’s welcome news.

“We’re not out of the woods yet. We are in the middle of what is actually an ongoing crime.

“We know that those data sets are being held by hostile, malevolent and malicious actors.

Minister Madeleine Ogilvie. Picture: Nikki Davis-Jones

“We cannot control the next steps but what we can do is prioritise Tasmanians and that is what we have been doing.”

Ms Ogilvie praised the members of the state service who had worked over Easter to address the breach and get in contact with those potentially affected.

She said the event was a new one for Tasmania and the government would conduct a review of its response — including a request from DPAC chief Jenny Gale to opposition MPs asking them to not speak to the media.

She said she would continue to deliver information as quickly as she could.

“We have security advice. It’s my understanding that that letter from the commissioner was about the security advice and it is important that we follow that,” she said.

“As I’ve said we will be doing a review. That will be a root-cause analysis in the first place about what has happened, what we did well, what we didn’t do well and what lessons have been learned.

“In relation to the communications issue, I like to think I’m a natural communicator, I want to be here giving you as much information as I can and I have said that from the very beginning and I hope to continue to do so.”

Risk ‘alarming’ data breach could spread: Cyberterror expert

Tasmanians should expect more of their personal data could be released as part of an apparent breach by a Russian ransomware gang, an expert has warned.

Professor in CyberCrime Cyberwar and Cyberterror at the University of NSW Richard Buckland said it was to be expected that more data would be released.

“What Cl0P have done with previous ransomware attacks is that they release some files on the dark web, they release a few as a teaser and they release a ransom demand,” he said.

“If it is following the pattern of all the previous ransomware attacks we would expect more to be released.”

Professor Buckland said the attack was similar to one involving a Cl0P attack on Accellion file transfer software used by the NSW Health Department and others in 2021.

“It is surprising and alarming that we’re seeing a repeat of what we saw a couple of years ago,” he said.

“That we’re seeing this again, means the people involved haven’t learned the lessons of the Accellion breach.

“It’s the same group. It really is disappointing that this is happening and it shows there needs to be better education about cybersecurity within government departments.

“We’re all getting wake-up calls across the country.

Professor in CyberCrime Cyberwar and Cyberterror at the University of NSW Richard Buckland.

“Once the Optus and Medibank [hacks] happened and were so widely publicised, we’ve seen boards around the country really sharpen up. It has led to some positive changes.”

The biggest danger in the current breach was opportunistic scammers taking advantage of uncertainty and posing as government agencies or financial institutions.

“Don’t be frightened or worried, but be very suspicious about emails, SMS messages and voice messages,” he said.

“Don’t click on any links no matter where they come from. Sometimes they’ll send an email out to 100,000 people and one or two might respond.

“Even if it looks like it is coming from the government don’t click on it.”

Professor Buckland said it was unlikely the perpetrators of the hack would be caught.

Andrew Connor from consumer action group Digital Tasmania said the government’s response to date had been uninspiring.

“It is rather lacklustre. It really got teased out in stages like an episode of Yes Minister,” he said.

“It has been poorly communicated and poorly responded to. We hope things improve with a more detailed response to individuals.

“Some people may not care, some people might be very concerned but it is just a black hole at the moment and we don’t know what’s going on.

“To try to coerce the media and others into not discussing it doesn’t really serve anyone’s interests.”

Mr Connor is himself among those whose data may have been compromised.

“I did a TAFE course in 2016, so it is almost seven years ago I finished that. I don’t know why they’d be sending that out to a third party,” he said.

“Government needs to tell people what their risks are so they can look after themselves.”

Former Labor Senator Terry Aulich has been actively involved in privacy issues since the 1990s and is chair of the Biometrics Institute’s Privacy Committee.

He has written to the Premier and the leaders of the opposition parties saying limiting discussion about the breach was not a good idea.

“The suppression is not in accord with best practice outlined in the national privacy legislation, in particular, the Data Breach Notification Scheme which, in order, recommends the following procedures required to deal with significant data breaches: contain, assess, notify those affected and review so that improvements can be made,” he wrote.

“Attempts to suppress public reporting and debates about this significant hack undermine the requirement to review openly and honestly the reasons why this data breach occurred in the first place; in particular it is important to identify where mistakes were made, where policy has failed and where state government policy and practice will need to be improved.

“It is only then that government and departmental performance will improve.”

david.killick@news.com.au


Original URL: https://www.themercury.com.au/news/tasmania/tasmanias-data-breach-saga-could-worsen-says-cybersecurity-expert-richard-buckland/news-story/f99a027ab81441810c3b30918158d594