House of Assembly: Wednesday, October 18, 2023

Contents

Super SA Cybersecurity Incident

Mr COWDREY (Colton) (14:15): My question is again to the Treasurer. When was the cybersecurity incident discovered, and how many current or former public sector employees have been impacted by the cybersecurity incident?

The Hon. S.C. MULLIGHAN (Lee—Treasurer) (14:15): I thank the member for Colton for his question. They are appropriate questions and they deserve a thorough and accurate answer, and I will provide those to him. But I hope that I have made it clear to him and to the rest of the house that it is my understanding that the breach happened at least in the first instance sometime ago, and certainly sometime before I was advised.

The other agencies or the people responsible for ICT or cybersecurity management in those agencies may well have been advised in a more timely manner. Regardless, that doesn't excuse the basically unacceptable situation that at least this minister, if not other ministers of those other agencies, weren't appropriately advised at the time in real time so we could do what we are here for and make sure that the way in which government agencies are responding to this is appropriate, timely and thorough.

My understanding is, given the number of different agencies and hence the number of different types of records that were accessed, that there was potentially a significant number of South Australians who had their data accessed, but I will come back and provide the particulars and the specifics on how many that is and, in particular, what type of data that might be. I would expect that, given the effluxion of time since this incident occurred, there should have been a thorough reconciliation of that by now.