Treasury official charged over alleged data breach involving thousands of government documents
Updated ,first published
A NSW Treasury official has been charged by cybercrime detectives over an alleged data breach involving thousands of commercially sensitive government documents spanning the “whole of government”.
NSW Police on Monday arrested and charged Jagan Ganti Venkata Satya, 45, with accessing or altering restricted data after receiving allegations that more than 5600 sensitive documents had been accessed and downloaded by a member of staff.
NSW Finance Minister Daniel Mookhey said the government declared a significant cyber incident after an internal audit found a large number of documents containing confidential business and financial information were suspected to have been transferred to an external server.
“This is serious information. It is classified commercial information; information that includes current government deliberations, previous government deliberations and interactions… These are the reasons why it has been declared a significant cyber incident,” he said in a statement Tuesday afternoon.
“An incident like this requires us to re-examine every system that is in place for the NSW Treasury and that is something I am very clearly committed to doing and making sure people have confidence in doing business with us.”
Ganti, when contacted reporterHe said: “There was no corruption, I didn’t do anything wrong, I didn’t sell anything, I didn’t do anything like that.” He said he was cooperating fully with authorities.
The bureaucrat had been working in the Treasury’s commercial team for three years. Mookhey said he was interested in major government transactions and discussions with the private sector. The government was still working out whether third-party information was involved in the alleged breach.
The Finance Minister said that at this stage there is no evidence to suggest that data was transferred beyond the individual’s external server or that foreign actors were involved in the alleged theft.
The claim that the data was transferred between April 10 and 14 and involved multiple government departments and projects was confirmed by a government source who was not authorized to speak publicly. The alleged breach was detected three days after the last transfer.
“These span the whole of government. We are effectively notifying all agencies and departments; this is part of what is required as part of our cybersecurity protocols,” Mookhey said.
According to an online profile, Ganti worked in the Treasury’s Major Projects Division. The division provides commercial and financial advice on major infrastructure, energy transition and capital projects. It also partners with the private sector in large projects.
Police said in a statement that detectives with the state’s cybercrime squad launched an investigation and arrested the man on Monday afternoon. They executed a search warrant at a home on Homebush West and seized electronic devices, including a hard drive.
The bureaucrat was released on conditional bail and will appear at Downing Center Local Court on Wednesday, June 3.
“While police continue to investigate, they believe all data allegedly stolen has been located, is now secure, and there is no outside interference with the agency’s system,” the government said in a statement.
The transfer represents another alleged major data breach for the NSW government. reporter had previously reported Three incidents in the Ministry of National EducationIncluding the leaking of students’ adaptive behavior tests and parents’ personal information.
Start your day with a summary of the day’s most important and interesting stories, analysis and insights. Sign up for our Morning Edition newsletter.
Max Maddison is the state political correspondent for The Sydney Morning Herald.
