DANDENONG
dandenong.starcommunity.com.au
Tuesday, 25 June, 2024
/DandenongJournal
@StarJournal_SE
40¢ Inc. GST
Housing vision for 2051
Aero club flying high
Doveton Show to return
History three-peats itself
PAGE 4
PAGE 4
PAGE 12
PAGE 19
Game face on It was all fun and games for Ruhaniyab, 3, at a Play in Our Street event in Noble Park on Sunday 23 June. For more pictures, turn to page 8.
Picture: GARY SISSONS
CGD data scare By Sahar Foladi and Ethan Benedicto City of Greater Dandenong is one of many Victorian councils impacted in a data breach involving service provider Oracle CMS back in April. According to the council, approximately 3000 of its records related to after-hour phone calls in specific periods in 2010, 2016 and a period over 2020-’21 were affected. A council spokesperson said the council was made aware of a cyber-security incident involving Oracle CMS.
“Council’s own systems and databases have not been accessed. This data breach relates to Oracle CMS systems only. “On learning of the breach, we immediately suspended part of the Oracle CMS service and brought it in-house until we were confident that all risks had been adequately mitigated. “We have been in close liaison with relevant Victorian Government authorities, Oracle CMS and other councils while the matter was thoroughly investigated.” Council uses the third-party service provider for its after-hours phone call service, where
Oracle takes calls on behalf of the Council. “Depending on the issue, Oracle CMS may provide information, pass on messages or contact council duty staff. Oracle CMS provides this service for many local councils across Victoria,” the Greater Dandenong spokesperson said. Deakin University professor and director of Centre for Cyber Resilience and Trust, Robin Doss, said that overall community confidence on organisations’ ability – councils included – would be impacted by these data breaches. “This is a classic example of what we term
as a supply chain risk and a supply chain compromise. “So it’s, in a sense, OK for some councils to say our own systems haven’t been breached, but their responsibility now extends beyond that as well. “In a sense it sort of places an onus on government agencies, broadly, that handle citizen data to not just look at how they manage the protection of information in their own internal systems, but also across their supply chains. Continued page 4
12696191-CB25-24