Moyne Shire Council-Run Kindergarten’s Device Accessed by Attacker

Moyne Shire Council Detects and Halts Unauthorized Access Incident at Kindergarten.

Officials at Moyne Shire Council, located in Victoria, have reported that they have identified and terminated an unauthorised access incident on a device at a council-run kindergarten. The council disclosed that the incident occurred on March 3 and targeted an “electronic device… which stores enrolment information of children.”

The perpetrator had access for approximately ten minutes before council personnel intervened and sought advice from the Australian Cyber Security Centre. Following a comprehensive analysis of all devices on the site, the council verified that no data was downloaded or transmitted to external parties.

Despite this, the council stated that it is required to file a formal report, which it has done. The families have been informed of the incident, and councillors and the audit and risk committee have received a full briefing.

The council reported that it had implemented “additional security features on all devices” following the incident and that staff would receive “refresher training in cyber security procedures.” The council said that before this incident, work was already underway to strengthen systems, policies, procedures, and staff training due to the changing methods cyber criminals were using to access data.

A “complete review” of the incident is now underway, with federal and state security, privacy, and education authorities participating, and any recommendations will be included in ongoing cybersecurity improvement initiatives.