Update on FRV cyber-attack 11 January 2023

Published:
Wednesday 11 January 2023 at 3:06 pm

FRV has today had confirmation that the criminals who attacked our IT systems on 15 December 2022 have shared FRV information on the ‘dark web’.

It is a complex task to analyse the data that has been shared on the dark web, and we have cyber security specialists assisting with this analysis. As we identify what information may have been released, we will provide further information.

Since this is an ongoing investigation, we will refrain from making any further comment on the nature of the attack or the criminals.

We strongly urge the media and anyone else from downloading sensitive or personal FRV data from the dark web and to refrain from contacting our employees directly.

We also want to remind those who might wish to take advantage of this criminal act, that it is an offence to buy stolen credentials and those who do face a penalty of up to 10 years’ imprisonment.

Last Friday, 6 January 2023, we notified the Office of the Australian Information Commissioner of the recent cyber-attack, in line with our obligations under privacy laws.

Given the nature of the cyber-attack, we have reasonable grounds to believe that personal information of current and former employees, individual contractors and secondees of FRV and the former Metropolitan Fire and Emergency Services Board (as well as job applicants and other individuals) may have been accessed or stolen by the criminals.

We encourage these groups to take practical steps to protect their information and we are making identity protection and credit monitoring services available to them.

FRV is offering free support from IDCARE, Australia’s national identity protection and cyber security support service, and Equifax to enable individuals to set up individual credit and identity protection monitoring.

We encourage those who may be affected to remain vigilant with all online communications, validate any information they receive and follow other cyber security tips such as changing their passwords regularly.

FRV will attempt to contact anyone who might be affected by the incident to alert them to these tips and the support available. Individuals are encouraged to visit the FRV website for further information.

Throughout this incident, community safety has not been compromised and FRV continues to turn out crews and fire trucks through mobile phones, pagers, and radios. The community should continue to call Triple Zero (000) in an emergency.

FRV continues to work around the clock to recover our systems and we thank our employees and partners for their ongoing understanding and support. A number of systems, including access to phones and emails, have now been restored.

We also acknowledge the significant support of the United Firefighters Union in assisting FRV to respond to the situation.

Updated