The Department of Communities is looking to find out how many Tasmanians had their personal data exposed - including Medicare and Tax File numbers - as part of a hack on a file management system.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
The cyber attack from May 15 targeted the cloud-based CTARS client management system, used by providers under the NDIS and out-of-home care services.
The data of NDIS participants and carers was only exposed if their provider uses CTARS. Systems used by the National Disability Insurance Agency itself were not involved in the hack.
Cabinet minister Roger Jaensch said the Department of Communities had one contracted service provider affected by the data breach.
"Other states and territories have also been impacted by the data breach," he said.
"It's currently not clear how many Tasmanian citizens are impacted by the breach, however the department is working with suppliers involved to determine this.
"Our government will be assisting as required to provide support any Tasmanians affected by the data breach."
The Tasmanian Government was informed of the cyber attack on May 17.
The number of people who had their personal information exposed, including medical records, names, addresses, Medicare and Tax File numbers, was yet to be publicly disclosed. The companies involved had also not disclosed the specific information that may have been hacked.
A "sample of that data" was published on a deep web forum on May 21.
Mr Jaensch said more work was being done at a national level to contain the breach.
"The Australian Cyber Security Centre - ACSC - and the Office of the Australian Information Commissioner have been notified, and CTARS have engaged ID Care to support victims of the data breach," he said.
In a statement on its website, CTARS said those affected could be contacted by their providers if they were involved.
"Although we cannot confirm the details of all the data in the time available, to be extra careful we are treating any information held in our database as being compromised," the statement reads.
"This data includes documents containing personal information relating to our customers and their clients and carers."
A community information hub has been set up on the CTARS website for anyone concerned about their personal information.
Why not have your say? Write a letter to the editor here:
Our journalists work hard to provide local, up-to-date news to the community. This is how you can continue to access our trusted content:
- Bookmark www.examiner.com.au
- Make sure you are signed up for our breaking and regular headlines newsletters
- Follow us on Twitter: @examineronline
- Follow us on Instagram: @examineronline
- Follow us on Google News: The Examiner