The ACT Government is currently responding to a security breach that has affected Barracuda, an e-mail gateway system that supports some ACT Government ICT systems.
On Thursday, 8 June, I provided an overview of the situation and committed to providing weekly updates on the progress of our assessment and any updated information.
What we know:
ACT Government ICT services are all running normally and can be used with confidence.
The vulnerability has been eliminated and ongoing health checks reveal that the rebuilt system is showing no signs of any vulnerabilities.
At this time, the ACT Government has not been contacted by anyone claiming responsibility for the breach.
We believe a breach has occurred and the forensic investigation of our systems is ongoing. At this stage we have no definitive evidence that any information has been removed.
What we are doing:
We are running increased monitoring and cyber security processes as well as continuing to investigate any systems that interact with the Barracuda gateway to determine any potential harm.
We are working closely with the Australian Cyber Security Centre and our Chief Information Officer network to complete these assessments as soon as possible.
What we need you to do:
There is currently no requirement for any action by the community.
Please continue to be vigilant about your personal cyber security, including monitoring for any suspicious activity.
