Back

NSW Treasury Staffer Allegedly Exfiltrates 5600 Sensitive Documents

Severity: Medium (Score: 51.8)

Sources: Itnews.Au, www.nsw.gov.au

Summary

A staff member of the NSW Treasury is accused of exfiltrating over 5600 sensitive documents from multiple state departments. The breach was detected through internal security monitoring, which identified a suspected transfer of confidential commercial and financial information to an external server. NSW Police were notified of the incident on April 16, 2026, and launched an investigation under Strike Force Civic. A 45-year-old man was arrested in Sydney's CBD and charged with accessing and modifying restricted data. All allegedly stolen data has reportedly been located and secured, with no external compromise to the agency's systems. The NSW Chief Cyber Security Officer is coordinating a whole-of-agency response as per the state’s cybersecurity plan. Currently, there is no impact on any NSW government services. Key Points: • Over 5600 sensitive documents were allegedly exfiltrated by an NSW Treasury staff member. • The breach was detected through internal security monitoring on April 16, 2026. • A 45-year-old man has been arrested and charged, with all stolen data reportedly secured.

Key Entities

  • Data Breach (attack_type)
  • Strike Force Civic (campaign)
  • Cyber Security NSW (company)
  • NSW Government (company)
  • NSW Police (company)
  • NSW Treasury (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • Government (industry)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed