The New South Wales government has declared a significant cyber incident after a public servant allegedly stole a “substantial cache” of government documents spanning several departments and projects.
A NSW Treasury employee was charged over the data breach on Monday after electronic devices, including a hard drive, were seized during a search of a home in the Sydney suburb of Homebush West, police said.
The 45-year-old staffer, identified by court documents as Jagan Ganti Venkata Satya, has been accused of accessing and transferring more than 5,600 sensitive government documents.
‘Substantial cache’
NSW Treasurer Daniel Mookhey said on Tuesday that internal security monitoring over the weekend detected a “suspected transfer to an external server of a substantial cache of documents”, including confidential commercial and financial information.
“It is serious information,” Mookhey said.
“It is commercial in confidence; information that involves current government negotiations, previous government negotiations, and interactions.
“… That’s the reason why it was declared to be a significant cyber incident.”
The alleged data transfers took place from 10 to 14 April, Mookhey told media, with an escalation internally on 17 April and a report to NSW Police on Sunday, 19 April which spawned a cybercrime investigation.
NSW Treasurer Daniel Mookhey says 'serious information' is believed to have been transferred externally. Image: Facebook / Daniel Mookhey
NSW Police confirmed on Tuesday that a 45-year-old public servant had been arrested the previous day and charged with “access/modify restricted data held in computer”.
“Police believe all the alleged stolen data has been located and secured and there was no external compromise to the agency’s system,” NSW Police said in a statement.
Ganti has been granted conditional bail and is due to appear in court in early June.
He has worked for three years in NSW Treasury’s commercial team, which covers a “lot of the government’s commercial relationships” and a “variety of significant government transactions and negotiations with the private sector”, Mookhey said.
Ganti reportedly told Nine, “I haven’t done anything corrupt or wrong or sold anything, anything like that.”
The NSW government said there was no impact on its service delivery.
“An incident like this requires us to re-examine every system that applies to the NSW Treasury, and that is something I’m very clearly determined to do, and I’m very clearly determined to ensure that people can have confidence when they deal with us,” Mookhey said.
NSW’s chief cybersecurity officer Marie Patane is coordinating the state government’s response to the incident.
State data breaches
There have been several data breaches in recent years involving the NSW public service.
In October 2025 it was revealed that up to 3,000 flood victims in the state had their data exposed after a government contractor fed a spreadsheet containing personal and health data into ChatGPT.
A month earlier, nearly 600 medical staff had their data potentially exposed after NSW Health accidentally left confidential documents publicly available online.
Earlier last year, a man was charged over a data breach involving the accessing of nearly 9,000 sensitive NSW court documents, believed to have included apprehended violence orders and details of minors, from a website operated by the NSW Department of Communities and Justice.
In 2023, an update to the Service NSW website mistakenly saw personal information including driver licences, car registrations, and even children' s names leaked to other users of the site.
And in 2021, hundreds of gigabytes of data was taken from Transport for NSW and posted on the dark web.
The NSW government has had a mandatory data breach notification service in place since 2023.
