Frontier Software Data Breach

Workskil Australia - Frontier Software Data Breach

On 13 November 2021 Frontier Software became aware of a cyber-attack in which an unauthorised third party gained access to its corporate network. A large volume of data relating to persons employed prior to 1 September 2000, was exfiltrated (removed) from Frontier Software’s network.

The data relating to Workskil Australia employees was unstructured data (that is, not in easily identifiable form). Frontier Software has been working with this data to identify the clients to which the data relates which has been a time consuming and complex exercise.  Frontier Software notified Workskil Australia of this breach on 18 July 2021.

The incident did not involve Workskil Australia systems or network and we are confident that our systems and network are secure.

Workskil Australia apologises that this incident has occurred and for any concern or inconvenience this may cause our former employees.

Who is affected?

Based on the information Workskil Australia has received from Frontier Australia this incident impacts employees who commenced employment with Workskil Australia prior to 1 September 2000. The information related to the implementation of the CHRIS21 software by Frontier Software nearly 22 years ago.

What kind of information is involved?

Frontier Software has confirmed that the kinds of personal information that may have been accessed include:

  • employee identification number
  • bank account details (BSB, account number, account name)
  • tax file numbers

Workskil Australia has analysed the relevant data files provided by Frontier Software and confirms that this relates only to employee files for employees who commenced employment with Workskil Australia prior to 1 September 2000.

What is being done in response to the breach?

Frontier Software has worked with external cyber security and forensic specialists to help contain the event, recover their systems, strengthen their security and investigate the breach.

Workskil Australia is working with Frontier Software to identity those affected individuals and contact them directly where possible.

Frontier Software has informed us that they have notified the Office of the Information Commissioner, the Australian Cyber Security Centre, Services Australia, the Australian Federal Police, the South Australian Police, and the Australian Tax Office.

Who can I contact?

If you commenced employment with Workskil Australia prior to 1 September 2000 and are concerned about the security of your personal information, please contact Workskil Australia on 08 7088 8078. We can then check our records to confirm if you have been affected by this information release.

You may also contact Frontier Software by email at cyber@frontiersoftware.com or by calling 1300 007 446.

What should I do?

It is recommended that individuals affected take the following steps:

  • Contact the Australian Tax Office Client Client Identity Support Centre on 1800 467 033 M to F 8am to 6pm AEST to notify them of the breach. They will check your background and place a flag on your TFN. This means any funds that may be paid out under your TFN will require the ATO to contact you directly to confirm prior to payment, and they will put in place some additional security measures.
  • Additional information about the security safeguards that may need to be applied to your account is available at https://www.ato.gov.au/general/online-services/identity-security-and-scams/help-for-identity-theft/data-breach-guidance-for-individuals/.
  • Please remain alert to any increased scam activity, especially email and SMS or telephone phishing scams (i.e., fraudulent communications disguised as if to look like they come from an organisation you trust) and, in particular any such scam activity purporting to come from Frontier Software or Workskil Australia.
  • Further information on online safety, cyber security and helpful tips to protect yourself and respond to scams, identity theft and other online risks, can be found at the following government agency websites:

https://www.cyber.gov.au/acsc/view-all-content/threats

https://www.scamwatch.gov.au/

  • We recommend changing your online account passwords and setting multi-factor authentication for you online accounts if you have not done so already.