Australia

February 12, 2022: Overly Delayed Disclosure of Ransomware Attack at Australian Clinical Labs

On October 31, Australian Clinical Labs (ACL) disclosed a February 2022 data breach that impacted its Medlab Pathology business. The breach exposed the medical records and other sensitive information of 223,000 people.

Quantum ransomware gang took responsibility for the attack. 86GB stolen files were uploaded on its Tor site on June 14, 2022. Leaked data included patient and employee details, financial reports, invoices, contracts, forms, subpoenas, and other private documents. According to Quantum ransomware’s website, the data leak page for MedLab has been accessed 130,000 times.

September 10, 2022: Ransomware Attack on ForceNet Communication Platform used by Australian Military

Hackers attacked ForceNet's communications platform used by Australian military personnel and defense staff. The ForceNet service is run by Dialog Information Technology. The Australian Dept. of Veteran Affairs' website states: "Defence has announced that it has been informed that an external ICT service provider which facilitates ForceNet has been subject to a ransomware attack. ForceNet is a Defence e-communications platform used to connect registered users within secure online communities. To be clear, this is not an attack on Defence ICT"
ITWire in Australia reports on 31 October that Dialog was hit by an attack which used the Agenda ransomware that runs only on Windows. The group behind the attack, Qilin, announced it on the dark web on 19 September.

This is the 9th attack in little over a month, affecting Australia's biggest companies, likely exposing the details of millions of customers.

October 12, 2022: Australian Health Insurance Firm Medibank Hit by Ransomware Attack

Major Australian health insurance provider Medibank Private Limited disclosed being hit by a ransomware attack on October 12. The attack resulted in a temporary service outage, which has since been resolved. The company claim that no systems were encrypted during the attack.

UPDATE October 26: Medibank says all customers' personal data compromised by cyber attack. The hack impacts about 4 million current customers along with an unknown number of former customers too.

October 14, 2022: Aussie Woolworths Online Unit, MyDeal, Suffers Data Breach

Australia’s Woolworths Group Ltd’s majority-owned online retailer MyDeal said a “compromised user credential” ended up exploited Friday to access its systems that left 2.2 million users exposed.
MyDeal’s exposed customer data includes names, email addresses, phone numbers, delivery addresses, and in some instances date of birth of the customers, the Sydney-based retailer said in an advisory.
It further clarified that MyDeal’s website and application were not impacted, and none of the other platforms of Woolworths group were compromised.

September 22, 2022: Optus, Aussie Telecom Firm, Hit In Cyberattack

Optus, the Australian unit of telecoms firm Singapore Telecommunications is investigating the unauthorized access of current and former customers’ information.
Optus said in a statement it had immediately shut down the attack after discovering it, and that payment details and account passwords had not been compromised.
However, information that may have been exposed include customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers.

July 7, 2022: One of Australia’s Largest Prisons Caught up in Cyberattack.

The Port Phillip Prison in Melbourne’s west computer systems fell victim to cyberattack believed to involve a ransom attack compromising G4S’s nationwide database. “G4S Australia Holdings have confirmed the incident involves data stored on their national corporate IT network,” the spokesperson said.

The Port Phillip prison run by G4S, which currently houses 1000 inmates, has increased security and suspended prisoner visits.

March 16, 2021: Cyberattack: Surgeries Postponed At Melbourne Hospitals.

A number of hospitals in Melbourne shut down elective surgeries after a suspected cyber attack on its computer network. Healthcare centers in the city's east run by Eastern Health were forced to postpone the surgeries and shutdown several IT systems. The hospitals affected (Box Hill, Maroondah, Healesville and Angliss) continued with category 1 elective surgeries, which impacted patients who require treatment within 30 days - all other operations stopped.

The company issued a statement on the issue, confirming their system had been taken offline until they identified the problem but stressed that no patient information had been leaked.

November 27, 2021: CS Energy Hit In Ransomware Attack

The incident occurred Nov. 27 on CS Energy’s corporate network and did not have an impact on electricity generation at the Callide and Kogan Creek power stations, officials said. Those stations are continuing to generate and dispatch electricity into the National Electricity Market.

May 30, 2021: Attack Shuts Operations of Global Meat Provider

Australian and North American units of the world’s largest meat works, Brazil’s JBS SA, suffered a cyberattack over the weekend by an assault on its information systems, effectively shutting down at least 9 plants in the USA, one in Canada and one in Australia. Shutdowns lasted 2 days.

JBS produces 23% of America's meat.

January 1, 2009: Faulty Software Causes Torrens Lake Drain

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

Pin It on Pinterest

Scroll to Top