NSW TrainLink suffers security breach

Public transport operator unsure if customer data accessed

The online reservations system of public transport operator NSW TrainLink has suffered a security breach.

A statement from the state government agency revealed it had shut down the system while it investigates. It has not yet determined whether the personal information of customers has been accessed.

NSW TrainLink operates the regional train and coach services formerly provided by CountryLink as well intercity train services formerly operated by CityRail.

“The NSW TrainLink database does not contain sufficient credit card information for it to be used in any transaction,” a statement from the agency said.

The police have been notified of the breach, the organisation said, and Transport for NSW has contacted AusCERT to manage an investigation into the breach.

New South Wales’ Information and Privacy Commissioner has also been notified.

“Customers are asked to be extra vigilant to any unsolicited requests for personal information,” NSW TrainLink said.

“Opal customers can be reassured that Opal data is kept on a completely separate system and has not been compromised.”

Earlier this year the NSW Department of Industry’s resources and energy division revealed its Maitland office suffered what it described as a “hacking attempt”.

Earlier this year when launching Australia’s national cyber security strategy Prime Minister Malcolm Turnbull confirmed reports that the Bureau of Meteorology last year suffered a “significant cyber intrusion”.

Join the Computerworld newsletter!

Error: Please check your email address.

Tags securityNew South Walescyber security

More about Bureau of MeteorologyCustomersTransport

Show Comments