In late March 2022 Capricorn Society Limited and Capricorn Mutual Limited (“Capricorn”) experienced a cyber event where an unidentified third party gained unauthorised access to the Capricorn IT environment and downloaded some information.
The unauthorised access was identified and blocked after our cyber security systems detected unusual activity on the Capricorn network.
Upon discovery of the event, we took immediate action to deactivate our affected systems and engage leading external forensic IT and cyber security expert advisors to assist us in responding, which included applying additional cyber security measures and conducting a thorough investigation into what happened.
We also notified the Office of the Australian Information Commissioner (OAIC), the Australian Cyber Security Centre (ACSC), and the New Zealand Office of the Privacy Commissioner (NZOPC) and relevant law enforcement authorities.
Our investigation is now complete and has found that some personal information stored on our system was affected, however we have no evidence that any of the individuals or businesses whose information has been affected, were specifically targeted or that their information has been subsequently misused.
We take cyber security and the protection of all information very seriously and have already taken a number of proactive steps with relevant authorities, where possible, to protect the information of those affected, and have commenced notifying affected individuals of additional steps they can take to further protect their information.
We sincerely apologise that this cyber event has occurred and for the concern and inconvenience it may cause our members, suppliers, partners, and staff.
Affected individuals who have questions or concerns can contact Capricorn’s support team on 1800 956 756 (Australia) or 0800 656 156 (New Zealand) between the hours of 7am – 3pm (AWST) Monday to Friday.
For media enquiries, please contact:
Brent Fleeton | Brent@gtcommunications.com.au
Gemma Tognini | Gemma@gtcommunications.com.au