Attack accessed 47 staff email accounts and affected 186,000 customers.
Service NSW has revealed that the personal information of 186,000 customers was stolen because of a cyber attack earlier this year on 47 staff email accounts.
Following a four-month investigation that began in April, Service NSW said it identified that 738GB of data, which compromised of 3.8 million documents, was stolen from the email accounts.
The one-stop-shop agency assured, however, there was no evidence that individual MyServiceNSW account data or Service NSW databases were compromised during the cyber attack.
"This rigorous first step surfaced about 500,000 documents which referenced personal information," Service NSW CEO Damon Rees said.
"The data is made up of documents such as handwritten notes and forms, scans, and records of transaction applications.
"Across the last four months, some of the analysis has included manual review of tens of thousands of records to ensure our customer care teams could develop a robust and useful notification process.
"We are sorry that customers' information was taken in this way."