Oracle CMS Security issue

Published on 20 April 2024

Person-using-computer.png

Darebin City Council is aware of a cyber security incident relating to our third party supplier, OracleCMS, who manage our after hours customer support service. This service is used by a number of local councils across Victoria, and Australia. We have suspended our service with OracleCMS for the time being and proactively put measures in place to continue to support our customers after business hours and have staff on call to assist with urgent safety issues or hazards related to Council services.

OracleCMS has advised us that an unauthorised third party has gained access to a portion of their data and published files online. The supplier has also advised that they immediately engaged an external cyber security expert to help secure their systems and investigate the incident.

From their preliminary investigations, the impacted data primarily consists of corporate details, specifically contract information and invoices. Any personal information of customers who have used the after hours service, if present, is anticipated to be basic contact information which presents a low risk.

Darebin City Council systems have not been compromised. We are currently working with the supplier to further understand the impact of the breach and we can provide further information once we know more.

If it is confirmed that customer data has been accessed, customers will be contacted directly and provided with advice and guidance to reduce the risk of their information being misused

We take the security of our customers information very seriously and apologise for the concern this may cause.

For more information follow the guidance from the Victorian Government on how to recover from a data breach.

 

Tagged as: