What has happened?

Joondalup Resort recently became aware that it was the victim of a cyber event.

In late May 2025, an unauthorised person accessed a part of our IT system.  As soon as we became aware, we immediately engaged leading cyber experts to provide us with advice.  Our cyber experts worked to successfully contain the incident. Since then, we have been working urgently to respond to the incident to investigate what data is impacted.

We take this event very seriously. While we had robust cyber security systems in place prior to the event, we are committed to working with our experts to further strengthen our cyber defences.

What information has been accessed?

Our investigation identified evidence that data was accessed and stolen from one internal file server.

Based on our ongoing investigations, we understand that a number of documents containing personal information may have been accessed.  This includes driver’s licences, passports and credit card information in relation to guests of Joondalup Resort over the past three years.  Where these documents have been impacted, we are taking steps to contact any affected individuals directly where practicable.  We have also identified that some staff payroll information is impacted, including tax file numbers (TFNs).

Joondalup has notified the Office of the Australian Information Commissioner, the Australian Cyber Security Centre and the Australian Taxation Office (ATO) about the cyber event.

What can I do?

Given the nature of the information accessed, there may be risks relating to scam communications via unsolicited emails, phone calls or text messages.  Scammers can seem quite believable and impersonate government, police and businesses, including making their telephone numbers and email addresses look legitimate.  For further information, visit https://www.scamwatch.gov.au.  For further information about online safety, cyber security and helpful tips at www.cyber.gov.au.

For customers who are concerned there are several steps that can be taken to mitigate risks, depending on the type of information accessed.  This includes taking the following action:

• review statements from financial institutions and immediately contacting them if any suspicious transactions are identified;
• contact the issuing authority for any driver licence to take steps recommended by them to protect this information against potential misuse;
• contact the relevant issuing department of any passport to request further information on what steps can be taken to protect impacted information; and
• obtain a free credit monitoring report (for example, from https://www.equifax.com.au/personal/).

For employees concerned about the access to payroll information:

• contact the ATO to discuss any further layers of security for TFNs (noting that additional security monitoring has already been put in place). You can contact the ATO Client Identity Support Centre on 1800 467 033 between 8am and 6pm AEST, Monday to Friday.

Who can I contact?

We apologise for any inconvenience or concern caused by the event.

If you have any questions about the incident or wish to discuss anything further, we have set up a dedicated email for you to send these queries to support@joondalupresort.com.au.  We will endeavour to respond to any queries as soon as possible.