Large Australia Energy Provider Hit by a “Cyber Incident” Impacting Small Percentage of Customers

November 30, 2022

One of Australia’s largest energy providers has been hit by a “cyber incident” as a wave of data breaches impact big companies across the nation. AGL reported “elevated levels of suspicious activity” on its “My Account” platform on December 1. 9News understood a small percentage of customers – about 6000 – have been impacted. “Based on current analysis it appears malicious actors have used stolen credentials acquired externally (such as usernames and passwords used elsewhere by customers) to log into a number of customer accounts,”

read more

Overly Delayed Disclosure of Ransomware Attack at Australian Clinical Labs

February 12, 2022

On October 31, Australian Clinical Labs (ACL) disclosed a February 2022 data breach that impacted its Medlab Pathology business. The breach exposed the medical records and other sensitive information of 223,000 people.

Quantum ransomware gang took responsibility for the attack. 86GB stolen files were uploaded on its Tor site on June 14, 2022. Leaked data included patient and employee details, financial reports, invoices, contracts, forms, subpoenas, and other private documents. According to Quantum ransomware’s website, the data leak page for MedLab has been accessed 130,000 times.

read more

Ransomware Attack on ForceNet Communication Platform used by Australian Military

September 10, 2022

Hackers attacked ForceNet’s communications platform used by Australian military personnel and defense staff. The ForceNet service is run by Dialog Information Technology. The Australian Dept. of Veteran Affairs’ website states: “Defence has announced that it has been informed that an external ICT service provider which facilitates ForceNet has been subject to a ransomware attack. ForceNet is a Defence e-communications platform used to connect registered users within secure online communities. To be clear, this is not an attack on Defence ICT”
ITWire in Australia reports on 31 October that Dialog was hit by an attack which used the Agenda ransomware that runs only on Windows. The group behind the attack, Qilin, announced it on the dark web on 19 September.

This is the 9th attack in little over a month, affecting Australia’s biggest companies, likely exposing the details of millions of customers.

read more

Australian Health Insurance Firm Medibank Hit by Ransomware Attack

October 12, 2022

Major Australian health insurance provider Medibank Private Limited disclosed being hit by a ransomware attack on October 12. The attack resulted in a temporary service outage, which has since been resolved. The company claim that no systems were encrypted during the attack.

UPDATE 07Nov22: Medibank Says Hacker Accessed Data Of 9.7 Million Customers, Refuses To Pay Ransom

read more

Aussie Woolworths Online Unit, MyDeal, Suffers Data Breach

October 14, 2022

Australia’s Woolworths Group Ltd’s majority-owned online retailer MyDeal said a “compromised user credential” ended up exploited Friday to access its systems that left 2.2 million users exposed.
MyDeal’s exposed customer data includes names, email addresses, phone numbers, delivery addresses, and in some instances date of birth of the customers, the Sydney-based retailer said in an advisory.
It further clarified that MyDeal’s website and application were not impacted, and none of the other platforms of Woolworths group were compromised.

read more

Optus, Aussie Telecom Firm, Hit In Cyberattack

September 22, 2022

Optus, the Australian unit of telecoms firm Singapore Telecommunications is investigating the unauthorized access of current and former customers’ information.
Optus said in a statement it had immediately shut down the attack after discovering it, and that payment details and account passwords had not been compromised.
However, information that may have been exposed include customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers.

read more

One of Australia’s Largest Prisons Caught up in Cyberattack.

July 7, 2022

The Port Phillip Prison in Melbourne’s west computer systems fell victim to cyberattack believed to involve a ransom attack compromising G4S’s nationwide database. “G4S Australia Holdings have confirmed the incident involves data stored on their national corporate IT network,” the spokesperson said.

The Port Phillip prison run by G4S, which currently houses 1000 inmates, has increased security and suspended prisoner visits.

read more

Cyberattack: Surgeries Postponed At Melbourne Hospitals.

March 16, 2021

A number of hospitals in Melbourne shut down elective surgeries after a suspected cyber attack on its computer network. Healthcare centers in the city’s east run by Eastern Health were forced to postpone the surgeries and shutdown several IT systems. The hospitals affected (Box Hill, Maroondah, Healesville and Angliss) continued with category 1 elective surgeries, which impacted patients who require treatment within 30 days – all other operations stopped.

The company issued a statement on the issue, confirming their system had been taken offline until they identified the problem but stressed that no patient information had been leaked.

read more

CS Energy Hit In Ransomware Attack

November 27, 2021

The incident occurred Nov. 27 on CS Energy’s corporate network and did not have an impact on electricity generation at the Callide and Kogan Creek power stations, officials said. Those stations are continuing to generate and dispatch electricity into the National Electricity Market.

read more

Attack Shuts Operations of Global Meat Provider

May 30, 2021

Australian and North American units of the world’s largest meat works, Brazil’s JBS SA, suffered a cyberattack over the weekend by an assault on its information systems, effectively shutting down at least 9 plants in the USA, one in Canada and one in Australia. Shutdowns lasted 2 days.

JBS produces 23% of America’s meat.

read more