Australian Government cyber security incident

Posted on 03 November 2017

The National Disability Insurance Agency (NDIA) has been advised of a data breach involving a third party contractor engaged to provide expense management services, impacting four Australian Government departments, including the NDIA.

The Australian Cyber Security Centre was alerted to the breach in the first week of October and immediately contacted the external contractor to secure the information and remove the vulnerability within hours of notification.

The data exposed contained limited personally identifiable information of some government employees. No participant or provider information was put at risk as a result of the incident. The NDIA is working with its affected employees and notifying previous employees.

The NDIA takes cyber security and the protection of people's personal information seriously and is constantly taking measures to strengthen our security arrangements.