CTARS Data Security Alert
Please read below for details on a data security breach affecting many non-government and some government agencies across the sector. The data breach may involve the personal and sensitive information of Family Spirit carers, clients and staff.
- On 16 May 2022 Family Spirit was notified by software provider CTARS, that they had suffered a cyber-attack on their IT systems.
- The cyber-attacker informed CTARS that they had been able to gain access to their IT systems and accessed, or removed, a large amount of data on those systems.
- On 21 May 2022 CTARS became aware that information involved in the data breach was disclosed to unauthorised recipients.
- CTARS has reported the data breach to the Australian privacy regulator, the Office of the Australian Information Commissioner (OAIC) and to the Australian Cyber Security Centre (ACSC).
- The NSW Department of Communities and Justice (DCJ) is aware of this cyber-attack.
What is being done to contain and remediate this situation?
- Family Spirit is now moving all data from CTARS to our own internal IT systems.
- Family Spirit is seeking further information from CTARS and working closely with DCJ.
- We expect the OAIC and ACSC to carry out ongoing investigations regarding the cause of the cyber-attack and the steps that have been taken to manage the incident.
Where can I go to find out more?
Family Spirit is aware of the importance of the personal and sensitive information that you have entrusted to us, and we are extremely disappointed and concerned that this incident has occurred. When we have found out more from CTARS we will update this statement, and any impacted Family Spirit carers or clients will be contacted directly by their case managers. Please keep checking this website for further details.
If you would like further information about the data breach, a response team is on hand to answer your questions. The response team can be contacted at email@example.com or visit the CTARS website ctars.com.au/ctars-data-breach.
Support for impacted individuals:
If you are concerned about the potential misuse of your personal information, you can access free support from IDCARE, Australia’s national identity and cybersecurity community support service. IDCARE’s services may be accessed by providing referral code CTR22 when completing its Get Help Web Form or calling 1800 595 160.
Other support services you may like to access include:
For clients: Lifeline 13 11 14, Beyond Blue: 1300 22 4636
For carers: Family Spirit Carer Assistance program on 1800 959 986 or firstname.lastname@example.org
For staff: AccessEAP 1800 818 728