CellOPark – December 2024
CellOPark responds to Brisbane council parking app data breach fears
WACER & University of Sydney-Based Fresh Produce Safety Centre Australia & New Zealand – December 2024
Funksec ransomware gang allegedly targets pair of Aussie companies | Ransomware operators share data stolen from a West Australian cleaning supplier and ANZ food safety not-for-profit, but the “leaks” are exceedingly minor.
Waverley Christian College – December 2024
Waverley Christian College confirms cyber incident after ransomware gang claims attack | The Fog ransomware group claims to have stolen five gigabytes of data from the exclusive Victorian school.
Ainsworth Game Technology – December 2024
Medusa claims 852.4GB of data stolen from Ainsworth Game Technology | The Medusa ransomware group has claimed a ransomware attack on an Australia-operated digital slots and gaming machine manufacturer.
Thanks for the Help (TFTH) – December 2024
KillSec ransomware claims breach on Australian educational support platform | Threat actors have claimed a ransomware attack on Australian private educational support firm Thanks For the Help (TFTH).
Nicholsons Solicitors – December 2024
Alleged hack on Qld firm exposes unprotected data | A ransomware gang claimed it has a raft of client documents that was left unprotected when a Queensland law firm closed its doors.
Equinox – November 2024
Equinox discloses data breach involving health info of clients, staff
Amazon – November 2024
Amazon says employee data impacted in third-party breach
MOVEit vulnerability sees Amazon, McDonald’s, HSBC, and more employee data leaked
Coroners Court of Victoria and Tasmanian Chamber of Commerce and Industry – November 2024
NoName targets at least 9 Australian organisations, Victorian Coroners Court confirms incident | The infamous NoName ransomware gang has claimed cyber attacks on a number of Australian organisations and government agencies.
Finsure – November 2024
Aussie mortgage broker Finsure confirms ‘cyber incident’ impacting customers and brokers | Finsure has confirmed the incident after “almost 300,000 unique” alleged Finsure emails were added to the data leak website Have I Been Pwned.
Telstra – November 2024
Alleged Telstra employee data listed for sale by threat actor | The threat actor claims to have the data of over 44,000 employees.
Snow Brand Australia- November 2024
Snow Brand Australia confirms SafePay ransomware attack | The Australian arm of a Japanese dairy company confirms hack by a newcomer ransomware operation, limited employee data compromised.
ASIC/Waive – November 2024
RansomHub hits ASIC compliance firm in alleged cyber attack | Notorious ransomware gang RansomHub has claimed an attack on the Australian Securities and Investments Commission (ASIC) compliance platform Waive.
ADT Freight Services – November 2024
ADT Freight Services listed as alleged victim by Sarcoma ransomware gang
Micon Office National – November 2024
Wollongong-based Micon Office National confirms ransomware attack
JewishCare – November 2024
NSW healthcare provider JewishCare suffers comprehensive data breach
Followmont Transport – November 2024
Followmont Transport confirms ‘unauthorised access to our systems’
Schneider Electric – November 2024
Schneider Electric allegedly suffers second cyber attack, data published on X
Goodline – November 2024
Australian firm Goodline confirms RansomHub cyber attack | Australian engineering, construction and maintenance services company Goodline has confirmed with Cyber Daily that threat actors launched a cyber attack on its systems.
ANU Enterprise – November 2024
Australian not-for-profit ANU Enterprise (ANUE) has confirmed a ransomware attack on its systems
Australian Nursing Home Foundation – November 2024
1.5TB allegedly stolen in Australian Nursing Home Foundation cyber attack
IBM – October 2024
IBM staff data allegedly leaked in cyber attack | Threat actors claim to have accessed IBM’s network, exfiltrating employee data and publishing it on a popular threat forum.
Ultra Tune – October 2024
Major Australian mechanic Ultra Tune suffers alleged cyber attack
NAB, Vodafone and Microsoft – October 2024
NAB, Vodafone and Microsoft listed in alleged Cisco data breach | Threat actors have claimed a cyber attack on US technology multinational Cisco, claiming to have exfiltrated data belonging to a number of major organisations
The Plastic Bag Company – October 2024
The Plastic Bag Company falls victim to Sarcoma ransomware attack
eVisa Indonesia – October 2024
Passport details of Australians travelling to Bali exposed in e-visa glitch
The Internet Archive – October 2024
Internet Archive down, claims ‘catastrophic’ data breach impacting 31m
What is the Internet Archive, and what could a full-scale hack on its data mean?
Internet Archive suffers third October cyber attack
Meshworks – October 2024
Australian steel fabricator Meshworks suffers alleged Sarcoma ransomware attack | The Sarcoma ransomware gang has claimed to have breached the network of Australian steel fabricator Meshworks.
Western Sydney University – October 2024
Western Sydney University suffers cyber attack, personal data compromised
MoneyGram – October 2024
MoneyGram confirms data breach after major outage
MoneyGram says hackers stole customers’ personal information and transaction data
Internet Archive – October 2024
Internet Archive down, claims ‘catastrophic’ data breach impacting 31m
The Plastic Bag Company – October 2024
The Plastic Bag Company falls victim to Sarcoma ransomware attack
Perfection Fresh – October 2024
Aussie fresh produce company Perfection Fresh confirms ransomware attack
Qantas – October 2024
Qantas customer passports at risk following frequent flyer cyber theft
Road Distribution Services – October 2024
WA firm Road Distribution Services hit by Sarcoma ransomware
Strike Bowling – October 2024
Aussie owner of Strike Bowling and other venues confirms ransomware attack
Deloitte – October 2024
Deloitte internal communications allegedly leaked, firm says client data currently safe
Bloom Hearing Specialists – September 2024
Tens of thousands hit by data breach to Bloom Hearing Specialists
I-MED – September 2024
Data breach exposes tens of thousands of patient files using details shared online for a year
digiDirect – September 2024
304k customer records allegedly stolen from Australian camera and electronics store
Nikpol – September 2024
RansomHub publishes data stolen from Aussie interior solutions firm Nikpol
Compass Group – September 2024
Sydney-based Compass Group confirms Medusa ransomware attack
Fortinet – September 2024
Fortinet suffers third-party data breach affecting Asia-Pacific customers
PODCAST: Fortinet hacked, a data breach in New Zealand, and new privacy laws in Australia
BSG Australia – September 2024
RansomHub claims Aussie fundraising outfit as alleged victim
Protecta Australia – September 2024
Protecta Australia allegedly hacked, database listed for sale
White Mountain Backpacks – September 2024
Rhysida lists Aussie outfitter White Mountain Backpacks as ransomware victim
Swinburne University – September 2024
Swinburne University confirms its Sarawak Campus has been hacked
Australian Cancer Research Foundation – September 2024
Australian Cancer Research Foundation informs donors of ‘data security incident’
All Parks Insurance – August 2024
Australian specialist underwriting agency hit by alleged ransomware attack
Meli – August 2024
Aussie not-for-profit community support service Meli confirms cyber attack
Myelec Electrical Wholesalers – August 2024
Lynx ransomware claims attack on Australian electrical wholesaler
Engedi – August 2024
Rhysida ransomware gang claims hack on disability support organisation Engedi
Adreno – August 2024
Hacker claims successful hack of Adreno, the ‘world’s largest dive store’
FlightAware – August 2024
Flight tracking service FlightAware warns users of ‘data security incident’
Hudson Civil Engineering – August 2024
RansomHub claims hack on Aussie company Hudson Civil Engineering
Kempe Engineering – August 2024
Victorian firm Kempe Engineering listed on RansomHub leak site
Life360 – August 2024
Life360 breach exposes 442,000 users: experts warn of API vulnerabilities
Western Sydney University – August 2024
Personal information accessed as part of WSU data breach
Western Sydney University reveals full scope of January data breach
Western Sydney University provides update on cyber breach that affected thousands
‘Outrageous’: Students fume over massive university data breach
Early Settler – August 2024
Australian furniture retailer Early Settler confirms data breach
McDowall Affleck – August 2024
Aussie engineering firm confirms RansomHub ransomware attack
Insula Group – July 2024
Victorian IT services company Insula confirms BianLian ransomware attack
Wattle Range Council – July 2024
South Australian council confirms LockBit ransomware attack
Healthed – July 2024
Healthed data breach exposes personal details
Healthed data breach exposes participant information
City of Ballarat/OracleCMS – July 2024
Data security incident involving after-hours service provider
Roblox – July 2024
Roblox third party suffers data breach, conference attendees affected
Data Breach Exposes Roblox Creators’ Personal Info
Royal Brighton Yacht Club – July 2024
Victoria’s Royal Brighton Yacht Club confirms Medusa ransomware attack
MediSecure – July 2024
Company at centre of data breach revealed
MediSecure confirms 12.9 million Australians impacted by May data breach
MediSecure data breach affects about 12.9 million Australians
MediSecure confirms 12.9m Australians impacted by May data breach
Optimum Allied Health – July 2024
Optimum Allied Health data breach
Cyber Incident Update
Harry Perkins Institute of Medical Research – July 2024
Exclusive: 4TB of data allegedly leaked in Australian healthcare breach
Medical research group Harry Perkins Institute investigates major cyber security breach
Team Viewer – June 2024
TeamViewer detects data breach as researchers attribute it to APT29
Levi’s Strauss & Co – June 2024
Levi’s customers have pockets picked as cyber attack affects 72,000
Hey You – June 2024
Exclusive: Aussie order-ahead app Hey You hit by an alleged data breach affecting more than 100k
Victorian Auditor-General’s Office – June 2024
Vic gov supplier bank details altered in cyber attacks
North Coast Petroleum – June 2024
Exclusive: Medusa claims hack of Aussie fuel distributor North Coast Petroleum
Victoria Racing Club – June 2024
Exclusive: Medusa ransomware gang demands US$700k payment from Victoria Racing Club
Northern Minerals – June 2024
Second Australian rare-earth mineral company targeted in cyber attack
City of Moreton Bay – June 2024
City of Moreton Bay council launches investigation as private ratepayer information leaked onlineHunters International claims attack on Australian CRM provider
Patties Food – June 2024
Op-Ed: Patties Foods’ ‘data leak’ proves cyber reporting needs to do better
Victorian Freight Specialists – June 2024
Victorian Freight Specialists suffers alleged 800+GB data breach
Panasonic Australia – June 2024
Panasonic Australia confirms cyber incident following Akira ransomware claim
Northern Minerals – June 2024
Aussie rare-earth metals producer Northern Minerals confirms ransomware attack
Ticketmaster / Live Nation – May 2024
Hackers claim Ticketmaster/Live Nation data breach, more than 500m compromised
Live Nation probing Ticketmaster hack
Nissan Oceani | OracleCMS – May 2024
Nissan A/NZ’s outsourced cyber incident call centre breached
Western Sydney University (WSU) – May 2024
Western Sydney University discloses data breach, 7,500 ‘impacted individuals’ notified
XM Group – May 2024
Sydney investment firm suffers alleged data breach affecting more than 400k customers
Architects Accreditation Council of Australia (AACA) – May 2024
OAIC Incident Closure – Third-Party Data Breach
Unnamed Australian Healthcare Organisation – May 2024
NCSC warns of “large-scale ransomware data breach incident” at Australian healthcare org
SUMO – May 2024
Exclusive: Australian energy and internet provider Sumo confirms customer data breach
Clubs NSW – May 2024
Cybercrime detectives investigating potential data breach affecting more than 1 million NSW clubs and Merivale customers
Data & Privacy Breach: 18 NSW Club’s Sign-In Data Exposed – Possibly 1 Million People Affected
Data breach: More than one million Aussies who visited ClubsNSW venues at risk of identity theft
Qantas – May 2024
Qantas breach exposes customer booking details
Qantas investigating reports customers have access to other passengers’ information on app
Qantas customers report privacy breach on airline’s app
SSS Australia – April 2024
SSS Australia falls victim to Hunters International ransomware gang
OracleCMS – April 2024
Huge trove of Australian client data leaked following OracleCMS call centre hack
Vic councils’ after-hours call answering service breached
Victorian councils’ call service affected by OracleCMS breach
Smoke Alarm Solutions – April 2024
Homeowners urged to be vigilant for scams after ‘shocking’ data breach at major smoke alarm provider
Australians ‘exposed’ in smoke alarm service provider data breach: report
Pandemonium Rocks – April 2024
Data breach rocks troubled Pandemonium Rocks music festival
Pandemonium Rocks Music festival hit by new blow as more than 400 ticket holders caught up in data breach
Herron Todd White – April 2024
Valuation firm HTW suspended by banks after data breach
HTW employee details may have been compromised in valuer data breach
Diabetes WA – April 2024
Diabetes WA reveals data breach
Diabetes WA is the latest hacked Australian healthcare organisation
Motorcycle Holdings – April 2024
Australian motorcycle distributor sees websites breached
Cyber attack knocks the kickstand out from ASX-listed motorcycle distributor
Nova Employment – March 2024
Nova Employment is a non-profit organization that provides training, support, and placements to individuals with disabilities.
ACT Container Deposit Scheme – March 2024
Hackers attempt to transfer money from ACT’s container deposit scheme again, in a repeat of a similar attempt in January 2023.
OAIC Notifiable Data Breaches Report – March 2024
What the latest OAIC Notifiable Data Breaches Report means for you
Royal Australian College of General Practitioners – March 2024
Phone numbers, education details stolen in RACGP cyber security breach
Epic Games – February 2024
Fortnite game developer Epic Games allegedly hacked
Epic Games ‘hacker’ Mogilevich admits it was a scam operation
The Department of Communities – February 2024
Whistleblower reveals Department of Communities’ failure to revoke credit card access for ex-employees
Hacker offers the personal details of 25m Aussies for sale – February 2024
Hacker offers the personal details of 25m Aussies for sale
Microsoft Azure – February 2024
Senior executives affected in largest observed Microsoft Azure data breach
Villis Bakery – February 2024
Hackers target iconic South Australian company Vili’s Family Bakery
Tangerine Telecom – February 2024
Tangerine Telecom says customer data of 232,000 affected by ‘cyber incident’
232,000 customers exposed in Tangerine security breach
Internet provider Tangerine suffers cyberattack
CBA-owned Tangerine Telecom in mass data breach
Kadac Australia – February 2024
Kadac Australia hit by Medusa ransomware attack, threat group demands $100k
Australian Human Resources Institute – February 2024
Australian Human Resources Institute warns customers of cyber attack
AnyDesk – February 2024
AnyDesk resets passwords after breach
AnyDesk Hit by Cyberattack That Targeted Production Systems
AnyDesk revokes signing certs, portal passwords after crooks sneak into systems
AnyDesk says hackers breached its production servers, reset passwords
AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web
Elite Supplements – February 2024
Customer data stolen in major Australian supplement brand cyber attack
Cloudflare – February 2024
Cloudflare server breached using old credentials from previous attack
Central Coast Council – February 2024
Central Coast Council cyber attack could affect people nationwide
Football Australia – February 2024
Personal data exposed in Football Australia data leak after database left accessible
LinkedIn, Adobe, Twitter and More – January 2024
26bn records exposed in largest data leak of all time: LinkedIn, Adobe, Twitter and more affected
Quantum Radiology – January 2024
Hacked Sydney radiologist instructs staff to tell customers hack was a technical fault
Nissan Australia – January 2024
The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) is currently managing a cyber incident. Here is the latest information on our incident response.
Hal Leonard Australia – January 2024
Print music giant Hal Leonard Australia falls victim to Qilin ransomware
Binge, Dan Murphys, Guzman y Gomez, The Iconic -January 2024
Hackers target Binge, The Iconic, Dan Murphy’s customers following Australian data breaches
Guzman y Gomez, Dan Murphy’s customers affected in credential stuffing campaign
Labour – January 2024
Labor hit by major government data breach, millions of files stolen from key departments
The Iconic – January 2024
The Iconic responds to hacking claims, promising refunds to customers
The Iconic promises to issue refunds to hacked customers
The Iconic And A Melb Travel Agency Become Target Of Cyber Hacks Impacting 1000s Of Aussies
The Iconic denies responsibility for data breach
The Iconic was hit by criminals taking money by ‘credential stuffing’. How can you stay safe?
Inspiring Vacations – January 2024
Australian travel agency exposes customer data after leaving database publicly accessible
Passports, travel documents exposed in data breach
Inspiring Vacations Hit by Significant Data Breach: 112,000 Travelers Affected
Australian travel agency hit by data breach, leaking passport and travel details of thousands of customers
Personal information of more than 112,000 people exposed in data breach
Australian travel agency exposes customer data after leaving database publicly accessible
Court Services Australia – January 2024
Victorian court systems allegedly breached by Qilin ransomware gang
Hackers hit Victoria’s court recording database
Eagers Automotive – January 2024
Eager Automotive halts trading following cyber attack
Customers warned after major car dealership group Eagers Automotive hacked
LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers
Eagers Auto says outsiders accessed data from IT servers
Eagers Automotive finds unauthorised access to parts of IT systems