Skip to main content

Cyber Security Incident

Update 3rd May 2024

To our members and guests,

We have been informed overnight that a person has been arrested by Cybercrime Squad detectives and charged with blackmail in connection with the incident that has impacted the service provider. The National Cyber Security Coordinator has also released a statement, which can be accessed here.

Police investigations are ongoing and we are continuing to work with the impacted provider accordingly. We will provide a further update once we hear more.

We continue to ask you to remain alert to suspicious activity or communications, including any communications purporting to come from us. Please do not respond to or continue with any suspicious communication until you have taken steps to verify it is legitimate using trusted and reliable information.

If you have any questions or concerns, please contact us here

Regards,

Glenn Cushion,
Chief Executive Officer.
Ingleburn RSL Club


Important Notice from Ingleburn RSL Club

To our members and guests,

On 29 April 2024, Ingleburn RSL Club was informed that one of our external service providers suffered a cyber security incident. Our internal IT systems have not been impacted.

The impacted provider supplied technology and services to assist us with our membership and promotions processes. We no longer use this service provider.

We have been informed that data held by the provider has recently been taken and posted onto the internet.

We understand that the provider has notified the Office of the Australian Information Commissioner, and engaged with the Office of National Cyber Security, NSW Police and the Australian Federal Police of the incident.

We have commenced an investigation into the incident. We are working with the provider to identify the extent to which any data relating to Ingleburn RSL Club, including any personal information may be involved.

We will provide a further update as our investigations progress.

At this stage we ask you to remain alert to suspicious activity or communications, including any communications purporting to come from us. Please do not respond to or continue with any suspicious communication until you have taken steps to verify it is legitimate using trusted and reliable information.

Please also let us know immediately if you see or receive anything suspicious, particularly if it is said to originate from us. You can report this to info@ingleburnrsl.com.au. If you believe you have become a victim of cyber-crime, please report the incident on the Australian Cyber Security Centre Website at www.cyber.gov.au.

Further information about online safety, cyber security and other helpful tips can be found at the Australian Cyber Security Centre website or the ACCC’s Scamwatch website.

We deeply regret any distress, concern or inconvenience this has caused.

If you have any questions or concerns, please contact info@ingleburnrsl.com.au.

Regards,

Glenn Cushion,
Chief Executive Officer.
Ingleburn RSL Club

02 May 2024

Ingleburn RSL Club Cyber Incident FAQs

What happened?

Ingleburn RSL Club has been informed that one of our former external service providers suffered a cyber security incident. Our internal IT systems have not been impacted.

We have immediately commenced investigations into the incident and are working with the impacted provider to learn more. We are progressing these investigations as a priority.

What is a cyber incident?

A cyber incident is an unwanted or unexpected cyber event that impacts IT systems or data held on those systems and may compromise business operations.

Is this a ransomware incident?

To avoid impacting or compromising the ongoing investigations, we cannot provide further specifics about the type of incident at this time.

If you are concerned, are aware of any suspicious activity or believe you are a victim of a cyber-crime, please report the incident to the Australian Cyber Security Centre website at cyber.gov.au.

When did Ingleburn RSL Club become aware of this issue?

Ingleburn RSL Club became aware of the issue on Monday, 29 April 2024 when it was informed by the impacted provider of the incident. We continue to actively engage with the impacted provider to learn more about the incident.

Why/How did this happen?

As the incident did not impact our systems, we are engaging with the impacted provider to learn more about the cause of this incident. To avoid impacting or compromising any ongoing investigations, we cannot provide further specifics at this time.

Who is responsible for the cyber incident?

As the incident did not impact our systems, we are engaging with the impacted provider to learn more about the perpetrators. To avoid impacting or compromising any ongoing investigations, we cannot provide further specifics at this time.

Who is / what is the nature of the impacted former external service provider?

Ingleburn RSL Club received technology and services to assist us with our membership and promotion processes. We no longer use this service provider.

Why is it taking so long for Ingleburn RSL Club to investigate the cyber incident?

Ingleburn RSL Club commenced investigations as soon as it was informed of the incident on 29 April 2024. As our internal IT systems have not been impacted, we are working with the impacted provider to learn more about its investigations. Our understanding of the incident will be broadly reliant on the information provided by the impacted provider.

These investigations are ordinarily complex and take time.

What has Ingleburn RSL Club done in response to the cyber incident?

Ingleburn RSL Club immediately conducted an internal investigation of its IT systems and has sought further information from the impacted provider to obtain further information about the incident.

We otherwise understand that the impacted provider has notified the Office of the Australian Information Commissioner and engaged with the Office of National Cyber Security, NSW Police and the Australian Federal Police of the incident.

As a member, how does this affect me?

Our systems, venues and operations have not been impacted and are operating as normal.

What about my personal information held by Ingleburn RSL Club?

Ingleburn RSL Club and the impacted provider are investigating as a priority the extent to which any personal information held by Ingleburn RSL Club has been subject to any unauthorised access or unauthorised disclosure. We will provide an update once we learn more as these investigations progress.

When will I know if my personal information has been accessed or stolen?

We will provide an update once we learn more as these investigations progress.

What can I do to protect myself?

There are some proactive steps you can take to protect yourself. At this stage, it is important to remain alert to scam activity, including any scam activity purporting to come from us.

If you believe you have become a victim of cyber-crime or are aware of any suspicious activity, please report the incident to the Australian Cyber Security Centre Website at cyber.gov.au.

I have a complaint or very personal reason to be concerned about this cyber incident, who can I contact to discuss this privately? 

If you require further information or need assistance, please feel free to contact Ingleburn RSL Club via email at info@ingleburnrsl.com.au or by clicking here

One Membership Means
Access To Two Clubs

One membership gives you loads of access! Including Ingleburn RSL Club and Tabatinga Fun and Social Centre plus our Ingleburn Bowling Club.