The Department of Treasury and Finance has been in negotiations with payroll provider Frontier Software this year over the fallout from a major ransomware attack in December 2021 which saw the names, addresses, tax file numbers and banking details of more than 90,000 South Australian public servants accessed.

Treasurer Stephen Mullighan told parliament today there were still no confirmed reports of identity theft or fraud stemming from the attack, and all affected public servants “have been directly notified now”.

According to the Department’s annual report published this week, the State Government has spent around $640,000 on consultants to manage the consequences of the attack.

It has also been seeking reimbursement and further compensation from Frontier Software to cover the incurred expenses.

Mullighan said Frontier Software has now agreed to pay $1.75m in compensation to the Department.

“This compensation is in recognition of the ongoing consequences and impacts of the cybersecurity incident in late 2021,” he told parliament today.

“It also includes the recovery of direct third-party costs incurred by the Department responding to the cyber incident in the previous financial year.”

Mullighan said Frontier would pay part of the compensation this month via a lump sum and then offer the government reduced fees for its payroll services until June 30, 2024.

It was previously unclear whether the State Government would continue using Frontier Software after the former Marshall Government issued the company a breach of contract notice in January 2021.

The State Government spent $420,000 to engage consultants PricewaterhouseCoopers to conduct a major review of the Frontier Software cybersecurity incident.

Mullighan said the review produced eight recommendations, of which five have been addressed by Frontier.

“[This includes] the secure deletion of all South Australian Government personal information previously held on Frontier’s corporate network,” he said.

“It’s important to remind the House that this was a breach of Frontier’s network, not a breach of the South Australian Government’s payroll system.”

The three remaining recommendations from the PwC review are “expected to be resolved by the end of the calendar year”, Mullighan said.

In addition to the PwC review, the Treasury Department also spent $200,196 to engage cybersecurity firm Identity Care for “advice and assistance to employees impacted by the Frontier cyber incident”, according to the Department’s annual report.

A further $19,688 went to consultants Deloitte Risk Advisory to provide “external web penetration testing of functionalities delivered by Frontier”.

The overall cost of the three consultancies was $639,884. Mullighan warned in May the cost of managing the cyber-attack could reach $750,000.

InDaily sought comment from Frontier Software.

Auditor-General Andrew Richardson earlier this year criticised the State Government’s management of its contract with Frontier Software.

In his annual “Controls Opinion” report published in October, he stated there were insufficient checks of the company’s data security.

“There was no contract management activity or risk assessment to conclude on, or test, Frontier’s compliance with the data security and storage requirements included in the contract,” the Auditor-General wrote.

“No control operated to ensure that all hosting, support, maintenance and bureau services were conducted in the SA Government’s Client Managed Environment, or assessed whether data was routinely taken outside of that environment.”