By Cam Lucadou-Wells
Casey Council has been caught up in a major data breach affecting clients of IT firm PageUp People.
On 8 June, Casey announced it had.taken down its online recruitment system after its provider PageUp warned of a “possible serious security data breach” occurred in mid-late May.
The council was informed of the breach on 4 June.
Acting chief executive Steve Dalton said Casey advised recent job applicants that their personal data may have been “compromised”.
“The City of Casey is meeting with the provider to determine the impact on applicants and to seek explanations as to why it took more than a week to inform Council of the breach.
“Council has urged those affected to be vigilant about any unusual activity relating to their personal information.”
In a statement issued on 12 June, PageUp said “unauthorised person(s)” had accessed its system.
It believed “on the balance of probabilities” that the personal data of its clients, placement agencies, applicants, references and its employees had been accessed.
This could include names, street addresses, email addresses and phone numbers, as well as employee usernames and passwords, PageUp stated.
It stated that employment contracts, resumes, tax file numbers, credit card information and bank account information were not breached.
The firm’s statement claimed that “PageUp is safe to use.”
“Cybersecurity experts investigating have confirmed they have not identified any further threats to our system.
“We have confirmed that the threat on our systems has been contained and eradicated.”
The Australian Cyber Security Centre, Australian Federal Police and independent “expert cybersecurity firms” were investigating the incident, it stated.