22 March 2018
Notification of Data Breach
A spear phishing email was sent to a NORTEC staff member, the staff member entered their email credentials into a webpage link.
Based on the user account logs, some short webmail actives were conducted to send a fraudulent invoice to our accounts team from the user account. Based on the very short interval of these accesses to the account and no detectable increase in the number of ‘read events’ logged on the email account during the breach window, we are of the view that access was not script-based and was conducted by the attackers manually and with the aim of only
sending the emails to defraud NORTEC only.
Upon identifying the account breach, NORTEC have reset the users account credentials to prevent any further access. NORTEC have also confirmed that the password change in our logs did indeed prevent further access.
We have initiated an internal staff education campaign based on this attack and the information we gathered from it to educate our staff further on what these attacks look like.
While we have assessed the likelihood of data being accessed as extremely low, NORTEC has taken the position of notifying OAIC (Office of the Australian Information Commissioner) and making the notification publicly available to ensure that potentially affected individuals are made aware of the situation and can take preventative actions if and where necessary.
If you have any concerns or would like further information;
Please contact NORTEC.
T: 1800 667 832
Issued by NORTEC Employment & Training Limited ABN 88 129 092 280
NORTEC Employment & Training Limited (NORTEC) is a for-purpose, community-owned organisation. NORTEC invest funds from their commercial enterprises to support the delivery of community programs, social enterprise initiatives, small business support and community grants & sponsorships. These activities assist us them in giving back to the community in a way that supports and promotes social engagement and economic growth.
The organisation strives to ensure all commercial and non-profit activities have a positive impact on the community’s social and economic wellbeing, across all four of their service areas. NORTEC achieve their purpose of ‘Creating Opportunities & Inspiring Futures’ through adhering to ethical and sustainable business practices, and standing by their service motto: ‘Listening to Understand. Seeking Real Solutions’.
NORTEC came about following the merger between TTEC Enterprises, an organisation that was a part of the Tweed community since 1979, and Ballina Skills and Development Centre, based in the Northern Rivers region since 1986. Both companies formed out of a desire to create employment opportunities and promote economic growth in our local region. Since the merger of these two like-minded companies in 2007, NORTEC has successfully grown to over 40 office locations through the Mid-and-Upper New South Wales region (Forster to Tweed Heads), and through South-East Queensland (from Gold Coast to Brisbane and Wivenhoe).