Cyber security incident

Published on 07 June 2024

cyber-security.jpg

The City of Whittlesea has been made aware of a cyber security incident involving OracleCMS which previously managed customer calls outside of our regular opening hours.

OracleCMS provides an after-hours answering service to many Councils, State Government departments and private sector companies across Australia. OracleCMS has advised its customers that an unauthorised third party has gained access to a portion of its data and published it online.

Oracle CMS is working with government authorities and cyber security experts to secure their systems and investigate the incident.

The City of Whittlesea is working with authorities to determine how many of our customers may have been impacted. At this stage we understand that impacted customer information may include name, address, email address and/or phone number but no financial data. We will be in contact with those few hundred people we believe have been impacted. 

Council will continue working closely with the Municipal Association of Victoria and the Victorian Government as a large number of other councils and government agencies are also impacted.

We take the security of our customers information very seriously and apologise for the concern this may cause to our customers.

Council is no longer using OracleCMS to manage our after-hours customer requests.

If you require any support, please contact IDCARE – Australia’s national identity and cyber support community service organisation, which has been appointed to assist customers impacted by the OracleCMS breach. Find out more at www.idcare.org/oracle-incident-response.

Stay Cyber Safe

We will never contact you to ask for usernames or passwords. If a third party may have accessed your contact information, it is important to:

  • Be aware of telephone and text-based scams. If contacted by someone reporting to be a City of Whittlesea representative and you have doubts, offer to call them back via our Customer Service line on 03 9217 2170.
  • Do not share your personal information with anyone unless you are confident about who you are sharing it with.
  • If you are asked to login, check the web address located in the address bar and if you are suspicious contact the entity through the usual channels to ensure you are logging into a legitimate website.
  • Enable multi-factor authentication for your online accounts where possible, including your email, banking, and social media.
  • Ensure you have up-to-date anti-virus software installed on any device you use to access your online accounts.
  • Check the strength of your passwords.

For more information, refer to Recover from a data breach page on the Victorian Government website.

journalist enquiries

Media Officer

T: 0438 725 335 or
E: media@whittlesea.vic.gov.au

Tagged as:
Back to top