An unknown individual compromised an alert service and abused their access to send out a spam message to some of the service’s customers.
The Australian Early Warning Network (EWN) alert service disclosed first in a Facebook post and later on its website that the compromise took place near the beginning of the year:
At around 930pm EDT 5th January, the EWN Alerting system was illegally accessed with a nuisance message sent to a part of EWNs database. This was sent out via email, text message and landline. EWN staff at the time were able to quickly identify the attack and shut off the system limiting the number of messages sent out. Unfortunately, a small proportion of our database received this alert.
The service responded by launching an investigation into the incident. This effort revealed that the individual responsible used stolen credentials to gain access to the service and send out the spam message. This nuisance alert included a link that wasn’t harmful to customers who received it.
Kerry Plowright, managing director of EWN, told ABC News that the breach likely originated in Australia:
This event did not compromise anybody’s personal information. The actual data held in our system is just ‘white pages’-type data, we deliberately don’t hold any other personal information.
At this time, the EWN’s systems are online and providing ongoing alerts for severe weather and natural hazard events. The service also said that its investigation into the incident is ongoing with the help of Police and the Australian Cyber Security Centre.
This isn’t the first time that an emergency alert service has suffered a security incident. In March 2018, city officials confirmed they detected what they called a “limited breach” on a system that supports Baltimore’s 911 emergency services. According to Baltimore Police Commissioner Darryl De Sousa, the incident did not disrupt his officers’ ability to respond to emergency callers throughout the city. But it did lead the city to temporarily transition its 911 emergency services into manual mode, which means dispatchers took callers’ locations manually without any means to verify those details.