Copy of 2025 (updated regularly) - Data Breach Notifications in Australia

United Australia Party – July 2025

• UAP confirms ransomware attack, personal data and email correspondence exposed | Clive Palmer’s United Australia Party has informed its members of a data breach, but admits “it is impracticable to notify individuals”.

Office of the Migration Agents Registration Authority – July 2025

• Australian Office of the Migration Agents Registration Authority discloses accidental data breach | OMARA has disclosed that an accidental data breach saw the details of six registered migration agents inadvertently shared online.

O&G (Obstetrics and Gynaecology) – July 2025

• Adelaide women’s health clinic confirms cyber attack | Threat actors have launched a cyber attack on an Australian women’s healthcare centre, claiming to have exfiltrated sensitive patient data.

Qantas – July 2025

• Qantas has confirmed the theft of customer data in a cyberattack | Up to six million customers could be affected by call centre hack, names, email addresses, phone numbers, birth dates, and frequent flyer numbers inpacted.

Vertel – June 2025

• Aussie MSP Vertel confirms Space Bears ransomware attack | Hackers threaten to publish stolen data within days as leak site entry viewed more than 1,300 times.

Pressure Dynamics – June 2025

• WA-based Pressure Dynamics confirms DragonForce ransomware attack | Hackers have published more than 100 gigabytes of data exfiltrated from an Australian hydraulics company.

Skeggs Goldstien – June 2025

• Aussie financial services firm Skeggs Goldstien confirms Qilin ransomware attack | NSW-based financial services firm Skeggs Goldstien has confirmed it is investigating a cyber security incident after the company was listed on a ransomware leak site overnight.

3P Corporation – May 2025

• Melbourne-based 3P Corporation breached by Space Bears ransomware | Financial services aggregate 3P Corporation denies April data breach; however, more than 200 gigabytes of internal documents and customer data have been published online by hackers.

The Legal Practice Board of Western Australia – May 2025

• Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack | “The Legal Practice Board (the board) is currently investigating a cyber incident which has resulted in some of its systems being taken offline, including the board’s online services,”

MKA Accountants – May 2025

• MKA Accountants confirms Qilin ransomware attack | A Victorian accounting firm has been listed as a ransomware victim, with internal documents posted to the dark web.

Australian Human Rights Commission (AHRC) – May 2025

• Personal information exposed by Australian Human Rights Commission data breach | More than 600 submissions to the AHRC were accidentally disclosed online between early April and May.

Watkins Steel – May 2025

• Aussie steel subcontractor Watkins Steel confirms Akira ransomware attack | The Akira ransomware operation has listed Australian firm Watkins Steel on its darknet leak site, claiming to have stolen 17 gigabytes of data in a ransomware attack.

Hertz – April 2025

• Hertz says customers’ personal data and driver’s licenses stolen in data breach | The rental company, which also owns the Dollar and Thrifty brands, said in notices on its website that the breach relates to a cyberattack on one of its vendors between October 2024 and December 2024.

The Fullerton Hotel Sydney – April 2025

• The Fullerton Hotels and Resorts confirms hack impacting The Fullerton Hotel Sydney | Passports and driver’s licences part of a 148-gigabyte data breach impacting luxury Sydney hotel.

Western Sydney University – April 2025

• 10k students impacted by new Western Sydney Uni data breach | Western Sydney University (WSU) is currently investigating a cyber incident after it detected unauthorised access affecting students earlier this year.

REST and AustralianSuper – April 2025

• Hackers target Aussie pensioners in major super fund cyber attack | REST and AustralianSuper are among some of the largest superannuation funds affected by what appears to be a co-ordinated cybersecurity attack on the industry that has cost members money.

Hexicor – April 2025

• KillSec claims ransomware attack on Qld IT services firm Hexicor | Hackers have shared screenshots of customer folders, digital certificates, and a list of hashed passwords and backup data.

13Cabs – April 2025

• 13cabs may have suffered a major data breach | Major Australian cab service 13cabs has published a notice detailing a potential cyber attack after it discovered unauthorised activity on its network.

Vroom by YouX – March 2025

• Thousands of Driver’s Licenses, Bank Documents & PII Exposed in Australian Fintech Data Breach | Cybersecurity Researcher, Jeremiah Fowler, discovered and reported a non-password-protected database belonging to Vroom by YouX — an Australia-based Fintech company that facilitates automotive financing.
• It was immediately reported to Vroom, and the database was restricted from public access and no longer accessible shortly after.

Sydney Tools – March 2025

• Sydney Tools exposes 34m customer records after leaving database unprotected | Major Australian hardware and DIY supply store Sydney Tools has exposed the data of its employees and customers after it left a database publicly accessible.

Department of Communities and Justice – March 2025

• Police investigating major breach on NSW government website | NSW Police are investigating a major breach on a secure online platform on a state government website, with thousands of court documents downloaded.

Australian TFE Hotels – March 2025

• Australian TFE Hotels group admits cyber attack recovery an ongoing process

Brydens Lawyers – March 2025

• Brydens Lawyers suffers alleged 600GB data breach following ransomware attack | Prominent Sydney law firm Brydens Lawyers reveals a serious cyber incident in the wake of a February intrusion into its network.

CISCAL – March 2025

• Aussie laboratory supplier CI Scientific listed by Lynx ransomware | The hackers claim to have stolen 81 gigabytes of data, including information related to human resources at the NSW-headquartered firm.

The Australian New Zealand Clinical Trials Registry (ANZCTR) – March 2025

• Australian clinical trials delayed after cyberattack takes down website for a week

Wendy Wu Tours – March 2025

• Sydney-based tour agency listed by KillSec ransomware gang | Hackers claim to have exfiltrated data – including scans of valid passports – from Australian company Wendy Wu Tours.

Zurich Insurance – March 2025

• Zurich Insurance suffers alleged data breach | A threat actor has claimed a cyber attack on insurance giant Zurich Insurance Group, allegedly having stolen sensitive company data.

Australian adult website – February 2025

• Aussie adult site confirms tens of thousands emails compromised in data leak | Hacker offers 94,000 lines of Australian XXX Reviews member emails for sale on a popular hacking site.

Riverina Medical and Dental Aboriginal Corporation – February 2025

• Aboriginal and Torres Strait Islander healthcare provider confirms cyber incident | Wagga Wagga-based Riverina Medical and Dental Aboriginal Corporation has said it is investigating a cyber incident that may involve personal data; however, the incident has been “contained”.

Pound Road Medical Centre – February 2025

• Hackers publish alleged patient data and CCTV footage following medical centre cyber incident

Genea Fertility – February 2025

• Major Australian IVF clinic has treatments delayed by cyber attack

Brown and Hurley – February 2025

• Lynx ransomware group claims hack of truck dealership Brown and Hurley | The Queensland-based company was listed on the gang’s darknet leak site earlier this month.

Albright Institute of Language and Business – February 2025

• Cyber attack on Australian education centre claimed by KillSec | Threat actors have claimed a cyber attack on an Australian private education institution, claiming to have stolen personal and business data.

Australian National University – February 2025

• Australian National University investigating alleged cyber attack

Regency Media – February 2025

• Akira claims cyber attack on closed Australian media company

Natures Organics – February 2025

• Natures Organics confirms Medusa ransomware attack | Hackers claim to have stolen passport and driver’s licence scans and other personal information from an Australian organic goods producer.

Clutch Industries – January 2025

• Australian automotive manufacturer hit by cyberattack

JB Hi Fi – January 2025

• Threat actor falsely claims leak of 12m JB Hi-Fi records
• BREAKING NEWS: JB Hi FI Denies Massive Cyber Attack Claim

Christian Community Aid – January 2025

• Space Bears ransomware gang claims hack of Christian Community Aid

Muswellbrook Shire Council – January 2025

• Muswellbrook Shire Council confirms December ransomware attack | Council warned of a cyber incident last month, but ransomware gang SafePay has since published 175 gigabytes of stolen data.

Unique Cars and Parts – January 2025

• RipperSec targets Australian rare car part website | Another Australian organisation has allegedly suffered a cyber incident at the hands of the RipperSec hacking group, which targeted the website of a car part website.

Novati Constructions – January 2025

• Lynx ransomware targets Australian construction company Novati | Hackers say they have stolen records of “contracts, financial data, [and] incidents” from a Sydney-based firm.

University of NSW – January 2025

• RipperSec claims cyber attack on UNSW physics website | The RipperSec hacking group has announced a cyber attack on a University of NSW website, continuing its ongoing campaign against Australia and a number of other nations.

DBG Health – January 2025

• Ransomware gang claims responsibility for August hack of DBG Health | Newcomer Morpheus says it was behind an August 2024 compromise of an Australian pharmaceuticals and healthcare firm, posting employee passport scans to the dark web as proof.

Globelink – January 2025

• Qilin ransomware operation claims hack of Aussie freight forwarder | The hacking group has said it has stolen almost 30,000 files from Globelink International following an alleged December hack.

Austin’s Financial Solutions – January 2025

• Kairos ransomware claims hack of Austin’s Financial Solutions | Hackers have stolen and published 147 gigabytes of data belonging to an NSW wealth management firm.

ARDEX Australia – January 2025

• ARDEX Australia cyber attack claimed by Medusa ransomware | The Medusa ransomware gang has claimed a cyber attack on an Australian tiling, flooring and waterproofing company.

Spectrum Medical Imaging – January 2025

• Sydney medical practice cyber incident claimed by INC Ransom

Evidn – January 2025

• Everest ransomware gang lists Aussie company Evidn as a victim | Hackers claim to have stolen 50 gigabytes from an applied behavioural science firm that works closely with the Queensland government.

Volkswagen – January 2025

• Almost 800k Volkswagen EV owners data exposed

SquareX – January 2025

• SquareX reveals critical breach of Cyberhaven extension | SquareX has revealed a critical browser security incident targeting Chrome Extension developers, leading to a major compromise of Cyberhaven’s browser extension.

MediSecure – January 2025

• Company at centre of data breach revealed

Reference and Credit goes to Webber Insurance