ZircoDATA cyber incident involving Victorian public sector information
The Office of the Victorian Information Commissioner (OVIC) is aware of the cyber incident involving ZircoDATA.
ZircoDATA is a third-party records and information management service. We are aware that some Victorian public sector organisations hold contracts with them.
Information stored and managed by ZircoDATA has been exfiltrated and published on the dark web.
Victorian public sector organisations should notify OVIC if they have been impacted by the incident.
Individuals impacted by the incident, or that have concerns about their information, should contact those organisations directly.
Information on the privacy rights of Victorians is available here. (https://ovic.vic.gov.au/privacy/for-the-public/your-privacy-rights/)
Information for individuals on what to do if personal information is involved in a data breach is available here. (https://ovic.vic.gov.au/privacy/for-the-public/data-breaches-and-you/)
Quotes attributable to Information Commissioner Sean Morrison:
I recommend Victorian public sector organisations notify any individual whose personal or health information has been impacted by the incident. Individuals who have concerns about their information should then contact those agencies directly. My office will continue to monitor the incident and will continue to receive updates as necessary.
For media enquiries contact:
Molly Williams
Phone: (03) 8684 7585
Email: media@ovic.vic.gov.au
For general enquiries about FOI, privacy and information security in Victoria contact:
Office of the Victorian Information Commissioner
Phone: 1300 006 842
Email: enquiries@ovic.vic.gov.au
For further background, please refer to:
Monash Health informed of external data breach (www.monashhealth.org)