The ACT Government is currently responding to a security breach that has affected Barracuda, an e-mail gateway system that supports some ACT Government ICT systems.
Barracuda has initially identified the CVE-2023-2838 vulnerability on 19 May issuing a first patch on 20 May and a second patch on 21 May. A few days later, on 30 May, the vendor revealed the earliest identified evidence of exploitation took place in October 2022.
Barracuda posted a warning that impacted appliances must be replaced immediately. The vulnerability existed in a module which initially screens the attachments of incoming emails.
Upon detection of the vulnerability the ACT Cyber Security Centre immediately completed a rebuild of the impacted Barracuda system to eliminate any ongoing vulnerability,
“The investigation has now identified that a breach has occurred, and a harms assessment is underway to fully understand the impact specific to our systems, and importantly to the data that may have been accessed.”ACT Statement
ACT government is confident that actions taken to date have contained the breach and that there is no ongoing threat, and instructed citizens can continue to use ACT Government online systems with confidence.
The ACT government is working with the Australian Cyber Security Centre and Barracuda Networks on the ongoing investigation.