The NSW Department of Education has warned that contact information may have been compromised in the cyber attack against its network earlier this month.
The department said in a statement on Thursday that while investigations were continuing, indicators of compromise had been identified during the initial probe.
“Preliminary findings have indicated that some information including contact information may have been compromised,” secretary Georgina Harrisson said.
“The department is now undertaking a forensic analysis in order to fully assess the risk and will communicate further information as it is known.”
The department added that “all protocols required under legislation” would be followed once the extent of the compromise was known.
The cyber attack, which took place on July 7, forced the department to deactivate several IT systems to protect student and staff data just days before resume on the school term.
It came on the same day the NSW government confirmed students in lockdown areas would learn online in response to the state’s Covid-19 outbreak.
Online portals used by both staff and students were impacted, as was staff email and the staff intranet.
The department began to restore priority applications, including Zoom, Microsoft Office and Google Classroom, from July 10.
Harrisson on Thursday said that while the attack had caused “considerable challenges for staff preparing for learning from home”, all apps had been restored before the start of term.
“All teaching and learning applications were back online for the start of term 3 which meant there was no disruption for our students,” she said.
In addition to forensic specialists, the department is continuing to work closely with Cyber Security NSW, as well as NSW Police and federal authorities.