NSW court website data breach affects 9,000 sensitive documents
Learn More
The New South Wales Department of Communities and Justice (DCJ) reports a data breach affecting its Online Registry website, which provides access to information from both civil and criminal cases in the NSW court system.
The breach was detected during routine maintenance of the registry system when technicians noticed unauthorized data changes. After further investigation, they discovered that an account holder within the justice link system had gained unlawful entry. DCJ cyber experts shut down the user's account and patched the vulnerability.
Approximately 9,000 sensitive court files were compromised, including domestic violence orders (apprehended violence orders or AVOs) and affidavits. The compromised documents may include:
- Names and addresses of victims and offenders
- Detailed accounts of alleged offending
- Domestic violence orders
- Affidavits
- Other sensitive court documents
The number of affected individuals is not disclosed.
NSW Police became aware of the breach on Tuesday and have launched an investigation. The identity and origin of the threat actor remain unknown.
Attorney-General Michael Daley stated that early investigations suggest the exposed information has not been shared publicly - it has not appeared on the dark web or elsewhere in the public domain. It may take authorities approximately one week to determine exactly which files were accessed and the precise nature of the data that was viewed.
