The Australian Sports Commission will contact almost 20,000 people after an agency's email account was hacked last month.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
ASC chief executive Kate Palmer said an investigation into the breach had been unable to determine if any personal information had been stolen.
The Canberra Times revealed the cyber attack in November, which came in the wake of similar incidents involving Parliament House and the Australian Sports Anti-Doping Authority.
Palmer said they would contact everyone who could have been impacted by the breach - a whopping 18,900 individuals.
She said the hacked email account only contained basic personal information for most of those, but it contained "more sensitive personal information" for a small number of people.
"At this stage of the investigation we have determined it is not possible to conclusively establish if any personal information contained in the email account was extracted by an unauthorised person," Palmer said in a statement on Wednesday.
"As a precaution we are making it a priority to notify and support individuals who may have been impacted.
"We have established that the email account contained references to approximately 18,900 individuals.
"The vast majority of these individuals are referenced by either their name and/or birthdate, or other basic contact information.
"There are a small number of people that we consider to have had more sensitive personal information contained within the account.
"We are contacting each of these people directly to inform them and provide additional support.
"For privacy reasons we will not be making further comment on these individuals."
MORE CANBERRA NEWS
Palmer said the ASC had engaged a national identity and cyber support service to monitor for the "inappropriate use" of any of the personal information that could have been taken.
"On behalf of the ASC, I unreservedly apologise for this incident," she said.
"We take our responsibility for protecting private and trusted information very seriously and have invested heavily in keeping our IT security systems strong and secure.
"The investigation found no evidence any other ASC email accounts or systems have been compromised.
"We have set up a dedicated webpage ... that provides further information, contact details for support services, and advice on how people can keep their online identity protected.
"To protect the ongoing security of personal information referenced in the email account, we have engaged with IDCARE to provide daily online monitoring to detect for any inappropriate use of personal information."