Thousands of Australians found themselves in the middle of a privacy nightmare late last week after a hacker gained access to EWN, an emergency warning alert system used by local councils across Australia and contacted citizens using the platform.
The intrusion was detected by IT personnel at Early Warning Network after thousands of citizens received a message sent by the hacker via texts, emails, and landline. "EWN has been hacked. Your personal data is not safe. Trying to fix the security issues," read the message.
EWN is an emergency alert system used by local councils across Australia to alert citizens about major events such as flash floods, bushfires, tsunami threats, thunderstorms, blizzards, destructive winds, and severe weather conditions, and offers advisories on what actions citizens should take to protect themselves and their families.
Local councils across several Australian regions such as Darwin, Queensland, Gladstone, Ipswich, Logan, and Tablelands use the emergency warning alert system to contact residents via texts, email, and landline in the event of severe weather conditions. The same communication platforms were used by the hacker to contact citizens after he/she gained access to EWN's IT systems.
Hacker used stolen credentials to log in
"The unauthorized alert sent on Saturday night was undertaken by an unauthorized person using illicitly gained credentials to log in and post a nuisance spam-notification to some of our customers. The link used in this alert were non-harmful and your personal information was not compromised in this event. Investigations are continuing with the Police and Australian Cyber Security Centre involved," said EWN in a statement issued on Monday.
"At around 930pm EDT 5th January, the EWN Alerting system was illegally accessed with a nuisance message sent to a part of EWNs database. This was sent out via email, text message and landline. EWN staff at the time were able to quickly identify the attack and shut off the system limiting the number of messages sent out.
"Unfortunately, a small proportion of our database received this alert. Our systems are back up and running providing ongoing alerts for severe weather and natural hazard events. Investigations are continuing with police involvement," it added.
After news of the hack arrived, local councils across Australia warned citizens in their respective regions about the breach via posts on their Facebook pages. Even though EWN has confirmed on Facebook that it has regained access to its systems, it is warning citizens not to click on any links that may have accompanied the spam emails.
Malicious intent behind EWN intrusion
Kerry Plowright, managing director of EWN, told ABC News that the unauthorised intrusion on Saturday involved compromised login details, may have been carried out by someone from within Australia and that the purpose of the intrusion was malicious and aimed at damaging the business.
However, he added that the intrusion did not compromise any personal information of citizens as the company's database only stores "white pages-type data" and does not store any personal information.
"We're not a big business, we're not an IBM or a Telstra or something like that. We're a relatively small business, so to us this is an extremely big deal and our reputation means everything. We're incredibly embarrassed that we've put some of our customers through this embarrassment and they've been very gracious in that process," he added.
Reddit data breach: Hacker intercepted authentication SMS to access database
LGA gets £1.5 million grant to strengthen cyber security of local councils