Cyber ​​attacks have been occurring in Australia since the end of 2022 – 29 September 2023 at 06:56

Australian companies have suffered several cyberattacks since September 2022, highlighting staffing shortages in the country’s cybersecurity sector, which experts say appears ill-equipped to handle such breaches, putting companies at risk of people’s sensitive information.

Here is a list of companies that have been subjected to data breaches:

Optus

Australia’s second-largest mobile operator, a subsidiary of Singapore Telecom, was the first to report the data breach in September, which affected up to 10 million customers, or about 40% of the country’s population. The exposed data included home addresses, driver’s licenses and passport numbers.

Woolworths

Woolworths Group Ltd, Australia’s largest grocer, said in October that online retailer MyDeal, of which it is the majority shareholder, had determined that a “compromised user ID” had been used to access its systems, leading to the disclosure… Email addresses, phone numbers and shipping. Addresses of approximately 2.2 million customers.

Forcent

Australian Deputy Defense Minister Matt Thistlethwaite said on October 31 that hackers targeted a communications platform used by the country’s military and defense personnel with a ransomware attack, but no data was found to have been compromised.

Detailed log

IT services consulting firm Dailog, another unit of the Singapore telecommunications company, said it faced a cyberattack that likely affected 1,000 current and former employees and fewer than 20 clients, the company said on October 10.

Australian Clinical Laboratories

Medlab, a unit of Australia Clinical Labs Ltd, one of the country’s largest pathology providers, suffered a hack in the same month that exposed data about 223,000 patients.

Medibank

Health insurer Medibank Private, which covers about a sixth of Australians, said in November that the personal data and large amounts of health claims data of about 9.7 million of its current and former customers had been compromised, forcing it to announce lower profits and withdraw its forecasts for a major index.

On June 20, Medibank confirmed that a file containing the names and contact details of employees had been compromised after its property manager experienced a cybersecurity breach.

Telstra

Telstra, Australia’s largest telecoms operator, suffered what it described as a small data breach in early October, which exposed data on about 30,000 current and former employees dating back to 2017.

On December 11, Telstra said 132,000 customers were affected by an internal error that led to some customer details being exposed.

BWX

Skin and hair care products maker BWX Ltd. said in November that malicious code had been “illegally” inserted onto one of its websites, potentially compromising the credit card numbers and expiration dates of about 2,500 customers.

TPG Communications

TPG Telecom, Australia’s second-largest internet service provider, said in December it had been made aware of unauthorized access to a hosted exchange service that hosted the email accounts of about 15,000 business customers.

CBA

The Commonwealth Bank of Australia said on March 8 that its Indonesian unit, PT Bank Commonwealth (PTBC), was involved in a cyber incident involving unauthorized access to a web-based software application used to manage projects.

IPH

Days later, Australian intellectual property services company IPH Ltd said it had detected unauthorized access to part of its IT environment, putting information such as administrative documents and some client documents at risk.

Latitude

Australian digital payments and lending company Latitude Group Holdings Ltd said on March 16 that a hacker stole personal information held by two service providers, resulting in the compromise of about 103,000 identity documents and 225,000 customer records.

On April 11, the company said it would not pay a ransom to hackers because it saw no guarantee that payment would result in the return or destruction of stolen data, and it did not want to reward criminal behavior.

Technology

The Australian Technology One Ltd company announced on May 10 that it was able to detect non-automated tiers in back-office systems, which prevented them from developing a series of cyberattacks that included enterprises that paid. Since last year.

Smart payment

New Zealand-based Smartpay Holdings has revealed a ransomware attack confirming the theft of customer information in Australia and New Zealand, becoming the latest victim in a series of cyberattacks in the region.

coincidence

Shell Plc said on September 15 that it had identified a cybersecurity incident involving some employees who worked with its BG Group unit in Australia before the merger, becoming the latest victim of the MOVEit hack.

First energy

Australian software provider Energy One said on September 29 that it had detected no evidence of malicious activity on its customers’ systems after identifying a cyber incident in August. The company’s investigations found no evidence that the personal information of its current and former employees was compromised, the company said, adding that Energy One continues to trade securely.