Several Victorian councils confirmed that their data had been exposed to the public, after their third-party OracleCMS call center operator had been breached. The compromised data from the customer services vendor may extend beyond the Victorian cities data breach.
OracleCMS, (not to be confused with Oracle corporation) is an Australia-based localized provider of customer care solutions and call center services.
According to the OracleCMS official disclosure, the breached information may include ‘corporate information, contract details, invoices, and triage process workflows’. Last week, the LockBit #ransomware group mentioned OracleCMS as a victim on its official leak site.
Authorities Issue Data Breach Notices on Official Sites After Victorian Cities Data Breach
Local governments entities are among those affected by the OracleCMS breach, with many of them conducting investigations into the incident over the weekend. Some affected entities instructed the OracleCMS provider to not to collect any further information information during the interim and requested direct transfer of urgent calls, including after-hour calls to their staff until further notice.
The affected cities that are known to have issued official data breach notices include: Knox City, City of Port Phillip, Manningham Council, Whitehorse City Council and the City of Monash
Earlier, LockBit had published some sample data such as bills associated with OracleCMS, giving the group until April 16th to negotiate with the group, with no ransom amount being publicly mentioned.
The group had then published more than 60 gigabytes of leaked data contained within a single compressed archive. A “Clients” directory from the leaked data included more than 50 different folders of organizations ranging from local city councils to senior citizen care services.
The Australian publication Cyber Daily stated that more than a dozen local councils were on the list, including the Campbelltown Council, Tweed Shire Council, Dandenong City Council, among various other government entities.
Other clients included within the leak include several different law firms, a real estate agent giant, and the Queensland branch of the Philadelphia Church of God.
OracleCMS Issues Several Safety Recommendations After Victorian Cities Data Breach
OracleCMS confirmed a cyber security incident had occurred where an unauthorised party gained access to a portion of its data and published the leaked data online. After discovering the incident, OracleCMS approached cyber security experts to aid in securing its systems and in conducting an official investigation.
The site states that basic contact information could be extracted from contracts and invoices appearing in the breach, but advised that the data presented ‘a low risk of misuse.
The organization stated that it had contacted clients which it had identified as being impacted, and would work with them to issue further notification and support to affected parties and individuals.
OracleCMS apologized for the incident and affirmed its commitment to keeping stakeholders updated during the on-going incident response and investigation. The site issued several recommendations to affected parties to stay safe from the fallout of the data breach.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
