Brimbank residents who reported odour pollution around the Kealba landfill are among those whose personal information was stolen after the Environment Protection Authority (EPA) Victoria’s external contact centre was hacked.
The EPA was advised by the external service provider of its contact centre that data of thousands of customers had been illegally removed from its internal systems by an unknown third party.
The stolen information was from October 2021, September 2022, and October 2022.
EPA staff and about 2800 members of the public have had some of their details hacked.
A combination of customers’ names, email addresses, residential addresses and phone numbers were illegally shared.
The environmental regulator notified the affected customers earlier this month.
“We have taken immediate action to rectify this as soon as becoming aware of the incident. We have written to those who have been impacted by this breach to personally inform them of the incident and what we have done to rectify it,” an EPA spokesperson said.
“We sincerely apologise for any inconvenience this may cause our stakeholders, partners, employees and the community.
“We have worked closely with relevant government agencies and specialist security partners to remove the threat from our systems, with all sites purged of unauthorised access, resetting of passwords and other robust security measures.
“The data and privacy of our community, stakeholders, and employees are important to us.”
The spokesperson said EPA had a dedicated security incident response team in place coordinating activities focused on ensuring the privacy of the information they hold was protected and ensuring they could effectively continue to protect the Victorian community and our environment from the harms caused by pollution and waste.
“EPA is continuing to monitor the situation and ensure all data shared with us is secure and confidential,” the spokesperson said.