Monash Council became aware of unauthorised activity on a library server on 4 September and immediately shut down the server and launched an investigation.
We asked ID Care, the leading Australian cyber assessment organisation, to undertake a review of the types of information accessed.
The investigation has taken some time as there was a significant amount of information to work through and we wanted to be 100% sure that we had investigated everything thoroughly.
The investigation found that some databases on the server had been potentially accessed. Some of these databases contained some personal information about library users who had booked for events at our libraries. This information is confined to names, emails, phone numbers and, in very few instances, street addresses. The databases do not contain any financial information.
Importantly, the review by ID Care found that the type of personal information potentially compromised does not present a risk of serious harm to those people on the databases.
We will be contacting those affected directly to advise them of this incident.
For more information please see Cyber incident on Library server on the City of Monash website.
If you have any concerns about this incident or privacy in general you should initially contact Council’s Privacy Officer on 9518 3555.
Further information is also available on the OVIC website at https://ovic.vic.gov.au/
Or at https://www.staysmartonline.gov.au/