The operator of an Australian emergency warning service has denied that user information was breached after someone accessed its system to post “you've been hacked” messages.
Over the weekend, people who were registered with EWN.com.au received messages that the system had been hacked. Those messages told users the hack included a breach of their personal information.
The messages read: “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues,” and included a support email address.
However, managing director Kerry Plowright said personal data wasn't breached.
The company's announcement called the message “a nuisance spam-notification,” and added that the link in the message was non-harmful.
“Investigations are continuing with the Police and Australian Cyber Security Centre involved,” the company added.
South Australia bins emergency alert app, contractREAD MORE
Speaking to the ABC's AM radio current affairs program Tuesday morning (audio starts at 20:17), Plowright said he believed the company knew who had used staff credentials to access the part of the system that sends emergency alerts.
It was identified “within seconds by our guys on the operational side” who “killed the process,” but not before “a bunch” of messages had already been sent via SMS, landline and/or email.
Plowright also told the ABC the company avoids holding personal information and restricts what it does hold to “white pages-type data”.
Affected government agencies included federal and state government clients, and a number of Queensland councils, including the cities of Gladstone, Tablelands, and Ipswich. ®