House of Assembly: Wednesday, October 18, 2023

Contents

Super SA Cybersecurity Incident

Mr COWDREY (Colton) (14:17): My question is again to the Treasurer. What steps has the Treasurer taken since being informed of this cyber incident?

The Hon. S.C. MULLIGHAN (Lee—Treasurer) (14:17): My understanding is that the lead agency for responding to the cybersecurity breach is that business unit within DPC which is responsible for the government's across-government cybersecurity and ICT coordination efforts. I certainly made clear to my department that I expected that we firstly would have a thorough understanding for all of the agencies that were impacted about what the breach was, how many people were impacted, what notification had been taken not only to those agencies but more specifically and more importantly to those South Australians, or indeed other parties, if there were other parties, but particularly to those South Australians who might have had their data accessed.

As I referred to I think in my first or second answer on this topic, it was able to be made clear to people who may have been affected what steps were being undertaken to firstly secure or resecure their data and, secondly, provide them avenues to make sure that they could go about securing their own personal information or their other data which might have been accessed. If there were remedial efforts that needed to be taken—either by the government agencies, by the service provider or the individuals themselves—that all of that was being set out. So my initial reaction was going to the heart of those issues, putting those questions, making those demands to my department.