OAIC – 2020
Notifiable Data Breaches Report 01/07/20 – 31/12/20
Australian govt entity hit by brute-force attack
Nintendo Switch – December 2020
Nintendo Switch breach: dangerous data leak could’ve killed Switch
Ledger – December 2020
Crypto wallet data breach compromises hundreds of thousands of users | Names and mailing addresses were leaked online
Spotify – December 2020
Spotify resets passwords after a security bug exposed users’ private account information
FireEye – December 2020
FireEye discloses breach, theft of red team tools | Releases ‘hundreds’ of countermeasures
NSW State Transit Authority – December 2020
Ransomware outed as cause of State Transit Authority outage | Audit confirms June cyber incident took place
Flight Centre – 2017, reported December 2020
Flight Centre leaks customer data in an incredibly stupid way
An investigation into a major data breach involving Flight Centre Travel Group (FCTG) more than three years ago has found that the company broke a number of Australian Privacy Principles.
Flight Centre hackathon behind 2017 breach, exposed 6918 customers’ data | Full post-mortem revealed for the first time
BTC Markets – December 2020
BTC Markets exposes customer names, emails in botched blast send | Australia’s largest cryptocurrency exchange apologises for error
Law in Order – November 2020
Hackers threaten to publish data from attack on legal services firm
Sophos – November 2020
Sophos tight-lipped about data breach, no lessons learnt from WannaCry bungle
Sophos warns customers it was hit by data breach | Data breach has exposed sensitive information of Sophos users
Wildworks – November 2020
Animal Jam was hacked, and data stolen; here’s what parents need to know
Capcom – November 2020
‘Resident Evil’ game maker Capcom confirms data breach after ransomware attack
Dragon’s Dogma 2, Street Fighter 6 reportedly leaked in Capcom data breach
Prestige Software – November 2020
Booking.com, Expedia Group, Hotels.com customers in suspected data breach
Blackbaud – November 2020
OAIC confirms inquiries made with cloud software firm that was breached
Nitro PDF – October 2020
Nitro PDF suffers massive data breach, exposing Microsoft, Google, Amazon documents
Nitro again insists data breach ‘isolated’ as incident gets more coverage
DFAT – September 2020
Private emails of Australians stranded countries unintentionally revealed by DFAT
CloudBees CodeShip – September 2020
DevOps solutions provider CloudBees discloses data breach
Scouts Victoria – September 2020
Potential personal data breach of about 900 people after Scouts Victoria hacked
Scouts Victoria data breach potentially nets 900 people’s personal details | Including bank details, birth certificates and court orders
Activision – September 2020
Possible Activision hack puts thousands of COD player accounts at risk – here’s all you need to know
University of Tasmania – September 2020
IT bungle leads to mass student data breach
Data breach at University of Tasmania affects 20,000 students
UTAS contacts 19,900 students caught up in data breach
University of Tasmania leaks data of 19,900 students
Royal Queensland Yacht Squadron – September 2020
Royal Queensland Yacht Squadron To Be Questioned By Office Of Australian Information Commissioner After Data Breach
Zhenhua Data – September 2020
A Huge Chinese Data Breach Has Exposed Info Of 35,000 Aussies Including… Natalie Imbruglia?
Leaked Chinese database show company’s interest in Australia’s space and science sector
Australian business leaders caught up in China’s mass surveillance: Here’s what it means
Telmate – September 2020
Telmate data breach leaked personal info for millions of prisoners
K7Maths – September 2020
Large Australian education data leak traced to third-party service
Transport for NSW – August 2020
Over 54,000 scanned NSW driver’s licences found in open cloud storage
More than 50,000 NSW driver’s licences exposed in mystery data leak
Service NSW still waiting to notify on data breach after four months
NSW driver’s licence data breach left Sydney health worker ‘sickened’
How Bob the Ukrainian security consultant uncovered massive Australian data breach
ALP calls for action after data breach affects 50,000 NSW drivers
Data breach exposes tens of thousands of NSW driver’s licences online
Tik Tok, Instagram & YouTube – August 2020
How to Deal With This TikTok, Instagram, and YouTube Data Breach
RI Advice Group – August 2020
ASIC sues financial services company for repeated hacks | Hacker spent 155 hours logged in without detection
ASIC comes for IOOF subsidiary over inadequate cyber security infrastructure
Company sued over poor cyber security – Passwords found in text files on server desktop
Canon – August 2020
Canon data leaked online after company refuses to negotiate with ransomware attackers
ACT Public Schools – August 2020
Canberra students gained access to school network to send graphic content to children across ACT
Visa Europe Ltd – August 2020
iSignthis Ltd (ASX:ISX) Visa Europe Ltd -Breach of Personal Data
Carnival Corporation – August 2020
Carnival Corporation has been hit by a ransomware attack on one of its brand’s IT systems
Australian Universities – August 2020
Investigating ‘deeply concerning’ hack of controversial exam software
Hackers hit university online exam tool
Australian universities investigate online exam tool data breach
Instacart – July 2020
Instacart user data is reportedly being sold online, but the company denies there was a breach
Garmin – July 2020
Garmin goes down after suspected ransomware attack | Production halt in Taiwan, leaked internal email suggests
City of Darwin – July 2020
The email addresses of thousands of Territorians have been ‘accidentally’ leaked by the City of Darwin ahead of the next round of the MyDarwin voucher scheme
WA Department of Health – July 2020
WA Department of Health data breach sees confidential patient information published online
WA Health traces data leak to third-party pager service
Coronavirus: Teenager allegedly behind massive WA data breach
Minor allegedly involved in Western Australia’s medical record data breach
Clarification of reported data breach
Fraudulent Cryptocurrency Scheme – June 2020
Over 82,000 Aussies’ details leaked in crypto scam | Victim’s details show up on the web
TikTok – June 2020
TikTok Secretly Spying On Millions Of iPhone Users | A major TikTok security issue detected by Apple
Australia – June 2020
Australia targeted in ‘sophisticated’ state-based cyber attack
‘Cyber attacks’ point to China’s spy agency, Ministry of State Security, as Huawei payback, say former Australian officials
Australia under cyber attack
China believed to be behind major cyber attack on Australian governments and businesses
Lion – June 2020
Drinks maker Lion shuts IT systems after ‘cyber incident’
Lion accidentally directs milk orders to Sydney IT security consultancy
Lion warns of beer shortages after cyber attack
Drinks maker Lion lost CIO Grainne Kearns in March
Babylon Health – June 2020
Babylon Health data breach exposes user medical records to strangers | Bug was accidentally introduced via a recent update
Babylon Health admits GP app suffered a data breach
AFL Fan Website – May 2020
70 million records exposed in data leak from AFL fan website, cyber researchers claim
IN SPORT – May 2020
Retailer IN SPORT’s head office hit by ransomware – Rebuilds systems but loses some data
Service NSW – May 2020
Service NSW hit by email compromise attack | Agency tries to work out what they accessed
BlueScope Steel – May 2020
BlueScope IT ‘disruption’ feared to be ransomware attack | Production systems impacted
GoDaddy – May 2020
GoDaddy confirms it suffered a data breach | Incident happened in October 2019, GoDaddy tells users
WA Police Force – April 2020
Confidential details of entire WA Police Force accessed in ‘startling’ audit breach, CCC finds
Optus – April 2020
Optus hit with $40 million class action after alleged data breach of 50,000 customers details
Optus faces class action over major data breach
Optus facing class action over alleged customer privacy breaches
Apple – April 2020
Flaw in iPhone, iPads may have allowed hackers to steal data for years | But Apple is planning to fix the flaw
Zoom – April 2020
500,000 Zoom Account Breaches Reminds Us Not To Be Sloppy With Passwords
How to stay safe on Houseparty and Zoom
Intruder alert! How to keep Zoom meetings secure
How To Protect Your Zoom Account From Recent Data Breaches
Zoom brings in big guns to fix security problems | Paid users can avoid specific data centres
Federal Court – March 2020
Federal court data breach sees names of protection visa applicants made public
Houseparty – March 2020
Houseparty denies security breach as users accuse app of hacking accounts
Norwegian Cruise Line – March 2020
World’s third largest cruise line Norwegian suffers data breach
Microsoft Teams and Zoom – March 2020
Phishers quick to exploit remote working apps in COVID-19 lockdown
Melbourne TAFE – March 2020
Melbourne TAFE data breach exposes 55k student, staff files – Sensitive financial, health data accessed
Australian Department of Defence – March 2020
Fears private details of Defence Force members compromised in database hack
Defence plays down report of likely recruitment database breach
Nord VPN – March 2020
Top VPN software had a major security flaw – Vulnerability discovered during HackerOne session
Alinta Energy – March 2020
Alinta Energy accused of putting customers’ sensitive information at risk
Alinta Energy accused of endangering privacy of 1.1 million customers
Clearview AI – February 2020
Controversial facial recognition startup Clearview AI hit by massive client data breach
Leaked Document Shows Australian Police Use Creepy Clearview AI Facial Recognition Software
Talman – February 2020
Australian wool sales stopped by ransomware attack – Software maker Talman hit by attackers
Samsung – February 2020
Mystery notification may not have been as innocent as company first claimed
MGM – February 2020
MGM Resorts sued over data breach
MGM data breach exposed personal details of 10.6 million hotel guests
CES Attendees Data Hacked MGM Resorts Compromised
Slickwraps – February 2020
Slickwraps hit by customer data breach – Phone accessory firm ignored multiple warnings from security researcher
Smartwatch – February 2020
Smartwatch apps let parents keep track of kids, but data breaches mean strangers can watch them
Toll – February 2020
Toll held to ransom as cyber attack stalls deliveries
Toll Group confirms “targeted” ransomware attack
Toll Group hit by “new variant” of Mailto ransomware
Toll Group tight-lipped on alleged ransomware attack
Toll Group shuts IT systems after ‘cyber security incident’
ACSC gets to grips with Mailto threat after Toll Group infection – Releases hash of ransomware “from this incident”
Perth Mint – January 2020
Perth Mint visitor data stolen after feedback survey company hacked
Microsoft – January 2020
Microsoft customer support database exposed online
How To Protect Yourself In Microsoft’s Recent Data Breach
I.M.L. SLU, the parent company of ImLive and PussyCash – January 2020
Porn site data breach leaks thousands of cam models’ personal details
Porn stars exposed in data leak
Exclusive: Australians involved in online pornography data breach
P&N Bank – January 2020
WA’s P&N Bank hit by data breach – “Non-sensitive” data from CRM accessed
Travelex – January 2020
Travelex website was hit by Sodinokibi ransomware – Foreign currency firm facing demand to release its systems
