2024 - Data Breach Notifications in Australia

2024 in Numbers

• Who was hacked by whom, and what trends did we see emerge?

CellOPark – December 2024

• CellOPark responds to Brisbane council parking app data breach fears | Data breach fears after parking app’s bizarre emails

WACER & University of Sydney-Based Fresh Produce Safety Centre

Australia & New Zealand – December 2024

• Funksec ransomware gang allegedly targets pair of Aussie companies | Ransomware operators share data stolen from a West Australian cleaning supplier and ANZ food safety not-for-profit, but the “leaks” are exceedingly minor.

Waverley Christian College – December 2024

• Waverley Christian College confirms cyber incident after ransomware gang claims attack | The Fog ransomware group claims to have stolen five gigabytes of data from the exclusive Victorian school.

Ainsworth Game Technology – December 2024

• Medusa claims 852.4GB of data stolen from Ainsworth Game Technology | The Medusa ransomware group has claimed a ransomware attack on an Australia-operated digital slots and gaming machine manufacturer.

Thanks for the Help (TFTH) – December 2024

• KillSec ransomware claims breach on Australian educational support platform | Threat actors have claimed a ransomware attack on Australian private educational support firm Thanks For the Help (TFTH).

Nicholsons Solicitors – December 2024

• Alleged hack on Qld firm exposes unprotected data | A ransomware gang claimed it has a raft of client documents that was left unprotected when a Queensland law firm closed its doors.

Equinox – November 2024

• Equinox discloses data breach involving health info of clients, staff

Amazon – November 2024

• Amazon says employee data impacted in third-party breach
• MOVEit vulnerability sees Amazon, McDonald’s, HSBC, and more employee data leaked

Coroners Court of Victoria and Tasmanian Chamber of Commerce and Industry – November 2024

• NoName targets at least 9 Australian organisations, Victorian Coroners Court confirms incident | The infamous NoName ransomware gang has claimed cyber attacks on a number of Australian organisations and government agencies.

Finsure – November 2024

• Aussie mortgage broker Finsure confirms ‘cyber incident’ impacting customers and brokers | Finsure has confirmed the incident after “almost 300,000 unique” alleged Finsure emails were added to the data leak website Have I Been Pwned.

Telstra – November 2024

• Alleged Telstra employee data listed for sale by threat actor | The threat actor claims to have the data of over 44,000 employees.

Snow Brand Australia- November 2024

• Snow Brand Australia confirms SafePay ransomware attack | The Australian arm of a Japanese dairy company confirms hack by a newcomer ransomware operation, limited employee data compromised.

ASIC/Waive – November 2024

• RansomHub hits ASIC compliance firm in alleged cyber attack | Notorious ransomware gang RansomHub has claimed an attack on the Australian Securities and Investments Commission (ASIC) compliance platform Waive.



ADT Freight Services – November 2024

• ADT Freight Services listed as alleged victim by Sarcoma ransomware gang

Micon Office National – November 2024

• Wollongong-based Micon Office National confirms ransomware attack

JewishCare – November 2024

• NSW healthcare provider JewishCare suffers comprehensive data breach

Followmont Transport – November 2024

• Followmont Transport confirms ‘unauthorised access to our systems’

Schneider Electric – November 2024

• Schneider Electric allegedly suffers second cyber attack, data published on X

CISCO – November 2024

• Cisco confirms cyber attack but says systems not breached

Goodline – November 2024

• Australian firm Goodline confirms RansomHub cyber attack | Australian engineering, construction and maintenance services company Goodline has confirmed with Cyber Daily that threat actors launched a cyber attack on its systems.

Nokia – November 2024

• Nokia source code allegedly stolen in third-party cyber attack

ANU Enterprise – November 2024

• Australian not-for-profit ANU Enterprise (ANUE) has confirmed a ransomware attack on its systems

Australian Nursing Home Foundation – November 2024

• 1.5TB allegedly stolen in Australian Nursing Home Foundation cyber attack

IBM – October 2024

• IBM staff data allegedly leaked in cyber attack | Threat actors claim to have accessed IBM’s network, exfiltrating employee data and publishing it on a popular threat forum.

Ultra Tune – October 2024

• Major Australian mechanic Ultra Tune suffers alleged cyber attack

NAB, Vodafone and Microsoft – October 2024

• NAB, Vodafone and Microsoft listed in alleged Cisco data breach | Threat actors have claimed a cyber attack on US technology multinational Cisco, claiming to have exfiltrated data belonging to a number of major organisations

The Plastic Bag Company – October 2024

• The Plastic Bag Company falls victim to Sarcoma ransomware attack

eVisa Indonesia – October 2024

• Passport details of Australians travelling to Bali exposed in e-visa glitch

The Internet Archive – October 2024

• Internet Archive down, claims ‘catastrophic’ data breach impacting 31m
• What is the Internet Archive, and what could a full-scale hack on its data mean?
• Internet Archive suffers third October cyber attack

Meshworks – October 2024

• Australian steel fabricator Meshworks suffers alleged Sarcoma ransomware attack | The Sarcoma ransomware gang has claimed to have breached the network of Australian steel fabricator Meshworks.

Western Sydney University – October 2024

• Western Sydney University suffers cyber attack, personal data compromised

MoneyGram – October 2024

• MoneyGram confirms data breach after major outage | Global transfer giant loses IDs, transaction details
• MoneyGram says hackers stole customers’ personal information and transaction data

Internet Archive – October 2024

• Internet Archive down, claims ‘catastrophic’ data breach impacting 31m

The Plastic Bag Company – October 2024

• The Plastic Bag Company falls victim to Sarcoma ransomware attack

Perfection Fresh – October 2024

• Aussie fresh produce company Perfection Fresh confirms ransomware attack

Qantas – October 2024

• Qantas customer passports at risk following frequent flyer cyber theft

Road Distribution Services – October 2024

• WA firm Road Distribution Services hit by Sarcoma ransomware

Strike Bowling – October 2024

• Aussie owner of Strike Bowling and other venues confirms ransomware attack

Deloitte – October 2024

• Deloitte internal communications allegedly leaked, firm says client data currently safe

Fortinet – September 2024

• Fortinet breach exposes 440GB of data; no ransom paid

Bloom Hearing Specialists – September 2024

• Tens of thousands hit by data breach to Bloom Hearing Specialists

I-MED – September 2024

• Data breach exposes tens of thousands of patient files using details shared online for a year

digiDirect – September 2024

• 304k customer records allegedly stolen from Australian camera and electronics store

Nikpol – September 2024

• RansomHub publishes data stolen from Aussie interior solutions firm Nikpol

Dell – September 2024

• Dell allegedly breached twice in 1 weekend

Temu – September 2024

• Temu denies 87m record data breach claims

Total Tools – September 2024

• 38,000 Total Tools shoppers compromised in data leak

Compass Group – September 2024

• Sydney-based Compass Group confirms Medusa ransomware attack

Power Diary – September 2024

• Patients sent spam emails in practice software breach

Fortinet – September 2024

• Fortinet suffers third-party data breach affecting Asia-Pacific customers
• PODCAST: Fortinet hacked, a data breach in New Zealand, and new privacy laws in Australia

BSG Australia – September 2024

• RansomHub claims Aussie fundraising outfit as alleged victim

Avis – September 2024

• Avis car rental suffers cyber attack affecting customer data

Protecta Australia – September 2024

• Protecta Australia allegedly hacked, database listed for sale

White Mountain Backpacks – September 2024

• Rhysida lists Aussie outfitter White Mountain Backpacks as ransomware victim

Swinburne University – September 2024

• Swinburne University confirms its Sarawak Campus has been hacked

Australian Cancer Research Foundation – September 2024

• Australian Cancer Research Foundation informs donors of ‘data security incident’

Bloom Hearing – August 2024

• National hearing services provider hit by ransomware attack

Regent Caravans – August 2024

• Melbourne-based Regent Caravans confirms RansomHub attack

All Parks Insurance – August 2024

• Australian specialist underwriting agency hit by alleged ransomware attack

Meli – August 2024

• Aussie not-for-profit community support service Meli confirms cyber attack

Myelec Electrical Wholesalers – August 2024

• Lynx ransomware claims attack on Australian electrical wholesaler

Engedi – August 2024

• Rhysida ransomware gang claims hack on disability support organisation Engedi

Adreno – August 2024

• Hacker claims successful hack of Adreno, the ‘world’s largest dive store’

Evolution Mining – August 2024

• Australia’s Evolution Mining targeted in latest cyber attack

FlightAware – August 2024

• Flight tracking service FlightAware warns users of ‘data security incident’

Hudson Civil Engineering – August 2024

• RansomHub claims hack on Aussie company Hudson Civil Engineering

Kempe Engineering – August 2024

• Victorian firm Kempe Engineering listed on RansomHub leak site

Life360 – August 2024

• Life360 breach exposes 442,000 users: experts warn of API vulnerabilities

Western Sydney University – August 2024

• Personal information accessed as part of WSU data breach
• Western Sydney University reveals full scope of January data breach
• Western Sydney University provides update on cyber breach that affected thousands
• ‘Outrageous’: Students fume over massive university data breach

Early Settler – August 2024

• Australian furniture retailer Early Settler confirms data breach

McDowall Affleck – August 2024

• Aussie engineering firm confirms RansomHub ransomware attack

Insula Group – July 2024

• Victorian IT services company Insula confirms BianLian ransomware attack

Wattle Range Council – July 2024

• South Australian council confirms LockBit ransomware attack

Healthed – July 2024

• Healthed data breach exposes personal details
• Healthed data breach exposes participant information

City of Ballarat/OracleCMS – July 2024

• Data security incident involving after-hours service provider

Roblox – July 2024

• Roblox third party suffers data breach, conference attendees affected
• Data Breach Exposes Roblox Creators’ Personal Info

Royal Brighton Yacht Club – July 2024

• Victoria’s Royal Brighton Yacht Club confirms Medusa ransomware attack

MediSecure – July 2024

• MediSecure confirms 12.9 million Australians impacted by May data breach
• MediSecure data breach affects about 12.9 million Australians
• MediSecure confirms 12.9m Australians impacted by May data breach

Optimum Allied Health – July 2024

• Cyber Incident Update
• Optimum Allied Health data breach

Harry Perkins Institute of Medical Research – July 2024

• Exclusive: 4TB of data allegedly leaked in Australian healthcare breach
• Medical research group Harry Perkins Institute investigates major cyber security breach

Evolve Bank & Trust – June 2024

• 7.6m impacted in Evolve breach, Wise customers affected

Team Viewer – June 2024

• TeamViewer detects data breach as researchers attribute it to APT29

Yarra Council – June 2024

• Yarra council in ‘serious’ double data breach after online leak

Levi’s Strauss & Co – June 2024

• Levi’s customers have pockets picked as cyber attack affects 72,000

Hey You – June 2024

• Exclusive: Aussie order-ahead app Hey You hit by an alleged data breach affecting more than 100k

Victorian Auditor-General’s Office – June 2024

• Vic gov supplier bank details altered in cyber attacks

North Coast Petroleum – June 2024

• Exclusive: Medusa claims hack of Aussie fuel distributor North Coast Petroleum

Victoria Racing Club – June 2024

• Exclusive: Medusa ransomware gang demands US$700k payment from Victoria Racing Club

Northern Minerals – June 2024

• Second Australian rare-earth mineral company targeted in cyber attack

Legrand CRM – June 2024

• Hunters International claims attack on Australian CRM provider

City of Moreton Bay – June 2024

• City of Moreton Bay council launches investigation as private ratepayer information leaked online

Patties Food – June 2024

• Op-Ed: Patties Foods’ ‘data leak’ proves cyber reporting needs to do better

Victorian Freight Specialists – June 2024

• Victorian Freight Specialists suffers alleged 800+GB data breach

Panasonic Australia – June 2024

• Panasonic Australia confirms cyber incident following Akira ransomware claim

Northern Minerals – June 2024

• Aussie rare-earth metals producer Northern Minerals confirms ransomware attack

Ticketek – May 2024

• Ticketek discloses cyber incident on external cloud platform

Shell – May 2024

• Aussies affected in alleged Shell fuel data breach

Ticketmaster / Live Nation – May 2024

• Hackers claim Ticketmaster/Live Nation data breach, more than 500m compromised
• Live Nation probing Ticketmaster hack

Advance Press – May 2024

• Aussie printing company suffers alleged 300Gb data breach

Nissan Oceani | OracleCMS – May 2024

• Nissan A/NZ’s outsourced cyber incident call centre breached

MediSecure – May 2024

• OAIC releases statement on MediSecure data breach

Western Sydney University (WSU) – May 2024

• Western Sydney University discloses data breach, 7,500 ‘impacted individuals’ notified

XM Group – May 2024

• Sydney investment firm suffers alleged data breach affecting more than 400k customers

Architects Accreditation Council of Australia (AACA) – May 2024

• OAIC Incident Closure – Third-Party Data Breach

Unnamed Australian Healthcare Organisation – May 2024

• NCSC warns of “large-scale ransomware data breach incident” at Australian healthcare org

SUMO – May 2024

• Exclusive: Australian energy and internet provider Sumo confirms customer data breach

Dell Computers – May 2024

• Dell warns of data breach affecting 49m customers

Monash Health – May 2024

• Monash Health caught up in ZircoDATA ransomware data breach

Clubs NSW – May 2024

• Cybercrime detectives investigating potential data breach affecting more than 1 million NSW clubs and Merivale customers
• Data & Privacy Breach: 18 NSW Club’s Sign-In Data Exposed – Possibly 1 Million People Affected
• Data breach: More than one million Aussies who visited ClubsNSW venues at risk of identity theft

Data Breach Tsunami Hits Australia

• Records shatter with 388% spike in Q1 2024

Qantas – May 2024

• Qantas breach exposes customer booking details
• Qantas investigating reports customers have access to otherpassengers’ information on app
• Qantas customers report privacy breach on airline’s app

SSS Australia – April 2024

• SSS Australia falls victim to Hunters International ransomware gang

Mt Hira College – April 2024

• Mt Hira College suffers alleged student email data breach

Ambulance Victoria – April 2024

• Paramedics’ mobile numbers ‘exposed’ in data breach

Firstmac – April 2024

• Firstmac hackers claim tax file numbers

Aussizz Group – April 2024

• Aussizz Group data breach
• Aussizz Group Data Breach

OracleCMS – April 2024

• Huge trove of Australian client data leaked following OracleCMS call centre hack
• Vic councils’ after-hours call answering service breached
• Victorian councils’ call service affected by OracleCMS breach

Smoke Alarm Solutions – April 2024

• Homeowners urged to be vigilant for scams after ‘shocking’ data breach at major smoke alarm provider
• Australians ‘exposed’ in smoke alarm service provider data breach: report

DJI – April 2024

• DJI suffers alleged data breach at the hands of R00TK1T

Pandemonium Rocks – April 2024

• Data breach rocks troubled Pandemonium Rocks music festival
• Pandemonium Rocks Music festival hit by new blow as more than 400 ticket holders caught up in data breach

Telstra Opticomm – April 2024

• Telstra Opticomm customer data exposed in leaked file

BHF Couriers – April 2024

• BHF Couriers denies credit card data breach

Roku – April 2024

• Roku suffered another data breach, this time affecting 576,000 accounts

Herron Todd White – April 2024

• Valuation firm HTW suspended by banks after data breach
• HTW employee details may have been compromised in valuer data breach

Suncorp Bank – April 2024

• Suncorp’s bank suffers breach, customer funds stolen

Diabetes WA – April 2024

• Diabetes WA reveals data breach
• Diabetes WA is the latest hacked Australian healthcare organisation

Motorcycle Holdings – April 2024

• Australian motorcycle distributor sees websites breached
• Cyber attack knocks the kickstand out from ASX-listed motorcycle distributor

Aussizz Group – April 2024

• 300GB allegedly stolen from Australian immigration consultancy

Nova Employment – March 2024

• Nova Employment is a non-profit organization that provides training, support, and placements to individuals with disabilities.

Vans – March 2024

• Vans warns customers of scammers following ALPHV data breach

Fujitsu – March 2024

• Tech giant Fujitsu says it was hacked, warns of data breach

IMF – March 2024

• IMF investigates data breach affecting email accounts | The International Monetary Fund (IMF) has disclosed a cyber incident it discovered last month, in which a number of its email accounts were breached.

McDonald’s – March 2024

• McDonald’s denies cyber attack was cause of global outage

ACT Container Deposit Scheme – March 2024

• Hackers attempt to transfer money from ACT’s container deposit scheme again, in a repeat of a similar attempt in January 2023.

OAIC Notifiable Data Breaches Report – March 2024

• What the latest OAIC Notifiable Data Breaches Report means for you

American Express – March 2024

• Customers exposed in third-party breach | American Express customers are being notified that their account information may have been exposed after a third party suffered a data breach.

Royal Australian College of General Practitioners – March 2024

• Phone numbers, education details stolen in RACGP cyber security breach

Nissan – March 2024

• Nissan contacting 100,000 A/NZ customers after December breach

GaP Solutions – March 2024

• GaP Solutions bit by LockBit ransomware attack | The Australian retail software vendor responds to cyber attack from resurrected ransomware gang.

HVD.HOST – March 2024

• Raft of Australian companies compromised in hosting service hack | The Black Basta ransomware gang has posted details of a hack affecting nearly a dozen Australian organisations.

Epic Games – February 2024

• Fortnite game developer Epic Games allegedly hacked | A ransomware gang claims to have nearly 200 gigabytes of internal data, but Epic Games says there is no evidence of any compromise.
• Epic Games ‘hacker’ Mogilevich admits it was a scam operation

The Department of Communities – February 2024

• Whistleblower reveals Department of Communities’ failure to revoke credit card access for ex-employees

Hacker offers the personal details of 25m Aussies for sale – February 2024

• Hacker offers the personal details of 25m Aussies for sale

Microsoft – February 2024

• Microsoft patches 80 vulnerabilities | Two bugs under exploit, plus other critical patches

Microsoft Azure – February 2024

• Senior executives affected in largest observed Microsoft Azure data breach | A Microsoft Azure cloud takeover campaign has resulted in the largest data breach ever seen by the platform, compromising hundreds of accounts, including those of executives, according to a new report.

Villis Bakery – February 2024

• Hackers target iconic South Australian company Vili’s Family Bakery

Tangerine Telecom – February 2024

• Tangerine Telecom says customer data of 232,000 affected by ‘cyber incident’
• 232,000 customers exposed in Tangerine security breach
• Internet provider Tangerine suffers cyberattack
• CBA-owned Tangerine Telecom in mass data breach

Kadac Australia – February 2024

• Kadac Australia hit by Medusa ransomware attack, threat group demands $100k

Balmain – February 2024

• Lender’s website down 10 days after major hack

Australian Human Resources Institute – February 2024

• Australian Human Resources Institute warns customers of cyber attack | AHRI has sent out emails warning of malware that could have been spreading fake browser updates

AnyDesk – February 2024

• AnyDesk resets passwords after breach
• AnyDesk Hit by Cyberattack That Targeted Production Systems
• AnyDesk revokes signing certs, portal passwords after crooks sneak into systems
• AnyDesk says hackers breached its production servers, reset passwords
• AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web

Elite Supplements – February 2024

• Customer data stolen in major Australian supplement brand cyber attack

Cloudflare – February 2024

• Cloudflare server breached using old credentials from previous attack

Europcar – February 2024

• Europcar denies alleged data breach affecting 50m

Central Coast Council – February 2024

• Central Coast Council cyber attack could affect people nationwide

Football Australia – February 2024

• Personal data exposed in Football Australia data leak after database left accessible

Canberra Medical Centre – January 2024

• Patient data hacked at Canberra medical centre

LinkedIn, Adobe, Twitter and More – January 2024

• 26bn records exposed in largest data leak of all time: LinkedIn, Adobe, Twitter and more affected

Quantum Radiology – January 2024

• Hacked Sydney radiologist instructs staff to tell customers hack was a technical fault

Nissan Australia – January 2024

• The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) is currently managing a cyber incident. Here is the latest information on our incident response.

Hal Leonard Australia – January 2024

• Print music giant Hal Leonard Australia falls victim to Qilin ransomware

Binge, Dan Murphys, Guzman y Gomez, The Iconic -January 2024

• Hackers target Binge, The Iconic, Dan Murphy’s customers following Australian data breaches
• Guzman y Gomez, Dan Murphy’s customers affected in credential stuffing campaign

Labour – January 2024

• Labor hit by major government data breach, millions of files stolen from key departments

The Iconic – January 2024

• The Iconic responds to hacking claims, promising refunds to customers
• The Iconic promises to issue refunds to hacked customers
• The Iconic And A Melb Travel Agency Become Target Of Cyber Hacks Impacting 1000s Of Aussies
• The Iconic denies responsibility for data breach
• The Iconic was hit by criminals taking money by ‘credential stuffing’. How can you stay safe?

Inspiring Vacations – January 2024

• Australian travel agency exposes customer data after leaving database publicly accessible
• Passports, travel documents exposed in data breach
• Inspiring Vacations Hit by Significant Data Breach: 112,000 Travelers Affected
• Australian travel agency hit by data breach, leaking passport and travel details of thousands of customers
• Personal information of more than 112,000 people exposed in data breach
• Australian travel agency exposes customer data after leaving database publicly accessible

Court Services Australia – January 2024

• Victorian court systems allegedly breached by Qilin ransomware gang | Victoria’s courts have been hit by a cyber attack allegedly at the hands of Russia-based hackers.
• Hackers hit Victoria’s court recording database

Yakult Australia – January 2024

• Yakult Australia confirms cyber incident | Investigating extent of system and data access by threat actor.

Eagers Automotive – January 2024

• Eager Automotive halts trading following cyber attack | Australian vehicle dealership giant Eagers Automotive has announced that it suffered a systems outage as a result of a cyber attack.
• Customers warned after major car dealership group Eagers Automotive hacked
• LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers
• Eagers Auto says outsiders accessed data from IT servers
• Eagers Automotive finds unauthorised access to parts of IT systems

Reference and Credit goes to Webber Insurance