Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Australia’s Early Warning Network Hacked

A hacker managed to gain unauthorized access to Australia’s Early Warning Network (EWN) late last week, and used the service to send bogus messages to users. 

A hacker managed to gain unauthorized access to Australia’s Early Warning Network (EWN) late last week, and used the service to send bogus messages to users. 

The EWN is a service that Australia’s local governments use to send notifications about weather hazards, including damaging winds, thunderstorms, hail, heavy rain, and bushfire, as well as traffic warnings. 

On Saturday, the service started serving rogue messages to users, informing them on the hack and telling them their personal information was not safe. The messages also informed users that they could unsubscribe from the service. 

“EWN has been hacked. Your personal data stored with us is not safe. We are trying to fix the security issues. Please email [email protected] if you wish to unsubscribe,” the bogus alert, which was also posted on EWN’s website, stated.

The messages were sent to subscribers via email, text, and landline, but only to a part of the user base, as the incident was quickly discovered and mitigated. 

Some of the users commenting on the incident revealed that phone calls received on their landlines simply said: “You have been hacked.”

“At around 930pm EDT 5th January, the EWN Alerting system was illegally accessed with a nuisance message sent to a part of EWNs database. This was sent out via email, text message and landline,” EWN notes on its website

“EWN staff at the time were able to quickly identify the attack and shut off the system limiting the number of messages sent out. Unfortunately, a small proportion of our database received this alert,” EWN also says. 

Advertisement. Scroll to continue reading.

The EWN staff was able to restore the compromised systems quickly, but investigation into the matter continues. Authorities were also alerted on the incident. 

The hacker apparently gained access to the EWN system using “illicitly gained credentials.” The attacker logged into the system and posted “a nuisance spam-notification” that reached some of the service’s customers. 

The notification also included a link, which EWN says was not harmful. EWN did not offer information on the number of impacted customers, but says users’ personal details weren’t compromised in the incident. 

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.