Victims of crime will have to wait a week to find out if a breach of Australia’s largest online court filing system compromised their sensitive details.

NSW JusticeLink allows lawyers, police and businesses to upload sworn statements, identity information and other court files for the 400,000-plus cases filed each year.

Justice department officials recently noticed unusual data changes and saw one account had accessed or downloaded more than 9000 files.

Access was soon cut off and police were notified of the breach on Tuesday.

Inquiries into the user’s identity, what files were accessed and whether the account was compromised were all ongoing, investigators said on Thursday.

“Cyber criminals routinely gain access to other people’s credentials and accounts to gain access to systems,” Cybercrime Squad commander Jason Smith said.

“At this point in time, we just simply don’t know (how it happened)

“It’s very early in the investigation.”

Detective Chief Inspector Smith would not speculate on whether domestic violence victims and other vulnerable people involved in the court system were caught up in the breach.

But he suggested people take precautions.

“If you have concerns about your safety as a result of this data breach, you should contact your local police station,” he said.

“Additionally, if you believe that your identity documents have been compromised as a result of any data breach, you can reach out to ID Support NSW, who will (assist) in remediating your identity documents.”

Attorney-General Michael Daley said the apparent intrusion was noticed during routine work by departmental IT experts and quickly stopped.

He cited a police briefing as he warned it would likely take a week before investigators knew “exactly what has happened with those files and the exact nature of the data that was viewed by the hacker”.

“The important thing is the government’s taking this seriously, because this is a system that stores public data securely,” Mr Daley said.

A system patch to prevent similar incidents was pushed through on Wednesday night.

The breach comes after 3.8 million documents held on government portal Service NSW were illegally accessed in 2020.

That hack, affecting up to 186,000 people, involved 47 staff email accounts without multi-factor authentication being compromised through phishing attacks.

Australian Parliament House networks were breached by a malicious state actor, likely China, in another sophisticated phishing attack in 2019.

-AAP