Jess Malcolm reports:
The NSW government has deliberately failed to inform tens of thousands of people that their personal information was stolen in a cyber security attack on Service NSW employee emails, as the agency says it has no obligation to notify affected customers.
Documents obtained by The Australian show Service NSW decided not to inform many victims whose data was stolen by criminals during a phishing attack on the department in April 2020, despite acknowledging the theft of their personal information could cause them serious harm.
Read more on The Australian.