On the morning of the 18th of March 2022, ONCALL Group was a victim of a cyber- incident directly caused by external cyber attackers (Conti ransomware), who gained unauthorised access and encrypted some of our systems.
ONCALL immediately attended to restoring our critical services to our customers and engaged a third-party security firm to implement a cyber security response solution, including the ongoing monitoring of our systems.
A full technical investigation was initiated, and law enforcement officials, including the Australian Cyber Security Centre, were notified.
The remedial action has been completed, and the ransomware has been removed. Since the incident, we have implemented the following steps and precautions to mitigate future risk:
– Completed a comprehensive security review.
– Increased the level of security software; and
– Engaged international partner, CrowdStrike, to implement an ongoing 24-hour global software monitoring service.
We want to confirm that there is no evidence that any Australian data had been exfiltrated. Our investigations show evidence of some exfiltration of ONCALL’s European data, and we have notified the individuals that may have been affected.
What type of information was involved?
ONCALL’s data was, and continues to be, encrypted at REST when stored on our systems.
The data breach was related to emails and internal documents available on shared drives for European customers.
We have no evidence of compromised Australian data, be it customer, end-user, payment, or service related.
What can you do?
We recommend you reset your password to all ONCALL systems and, if applicable, escalate this matter to your relevant internal department for advice on precautionary measures.
The Office of the Australian Information Commissioner provides guidance and recommendations for steps to respond to a data breach. Please refer to https://www.oaic.gov.au/privacy/data-breaches/respond-to-a-data-breach-notification.
We appreciate that no organisation is immune to such attacks. However, we believe that the significant and additional bolstering of our security will work to limit the increasing cyber-attacks organisations face globally.
We trust that the steps we have taken to safeguard our systems reassure you that cyber security has always been a priority for ONCALL.
If you have any questions, please do not hesitate to contact security@3.232.70.235.
Kind Regards,
ONCALL Security Team
