On Oct. 6, news broke that 23andMe, the genomics company that collects genetic material from thousands of people for ancestry and genetic predisposition tests, had a massive data breach. But as it turns out, the company’s servers were not hacked. Rather, hackers targeted hundreds of individual user accounts — allegedly those that had repeated passwords.… Read more »
Microsoft has been its own worst enemy this week as the tech giant suffered two unrelated data leak incidents where masses of internal documents, trade secrets, and backups of employee computers were released on the internet. On Tuesday, researchers at security company Wiz went public about a 38TB trove of data that Microsoft’s AI team had accidentally… Read more »
A data security expert says the federal government’s cybersecurity strategy has the wrong end of the stick
The Australian government’s ambition to “become the most cyber secure nation by 2030” is destined to fail unless customers demand “security certifications” from businesses, according to a leading data security expert. Lisa Byrne, from data strategy firm Notitia, said customers will be the catalyst for businesses to “wake up” to their responsibility to provide effective… Read more »
The driver licence information of a hundred thousand Australians has been stolen after a major consumer finance company was targeted with a “sophisticated and malicious cyber-attack”. Latitude Financial, a major non-bank lender of consumer credit in Australia boasting 2.8 million customer accounts, revealed on Thursday that it had been breached following a significant cyber attack… Read more »
The hacker got credentials from a third-party IT provider. Australian health insurer Medibank made a “rookie mistake” that led to one of the largest data breaches in our country’s history, a cyber security expert has claimed in the wake of new details about the breach. In its half-yearly report, Medibank shared a brief outline of… Read more »
The Smith Family, which helps disadvantaged kids succeed through education, is the latest target of cyber hackers in the wake of attacks on Optus, MediBank and other Australian corporates. The national charity believes the primary motive of the attack was an attempt to steal funds, but the hackers were unsuccessful. However, the personal information of… Read more »
Medibank has reported a “distressing development” regarding its unfolding cyber incident, as “a series of additional files” received from a criminal party have been found to include detailed Medibank customer data. The health insurance provider first reported “unusual activity” on its network on 13 October – and it was initially believed no customer data had been removed… Read more »
Optus fears data on up to 9.8 million of its customers has been accessed in a sophisticated cyberattack – including, for some customers, passport and drivers licence details, as well as phone numbers, dates of birth and email addresses. It made the announcement through the media, in the middle of Thursday’s national day of mourning… Read more »
Data exposed includes names, birthdate, phone no. and email ID information such as driver’s licence or passport numbers may also be involved Experts warn to beware of scams in the months head Optus shut it down once it was discovered The personal data of up to nine million Australians may have been been accessed by… Read more »
Over the long weekend reports emerged of an alleged data breach, impacting half a billion Facebook users from 106 countries. And while this figure is staggering, there’s more to the story than 533 million sets of data. This breach once again highlights how many of the systems we use aren’t designed to adequately protect our… Read more »
186,000 Service NSW customers are victims of a cyber security hack involving 3.8 million documents stolen from staff email accounts
Around 186,000 users of Service NSW – the New South Wales government’s “one-stop shop” for everyone from licences to birth, deaths and marriage, property and the law – will be sent a registered letter notifying them of a data breach labelled a “criminal attack” that saw more than 3.8 million documents (738 gigabytes of data)… Read more »
The theft of account details from design platform Canva’s customer database last Friday appears to be the work of a notorious hacker responsible for stealing the account details of one billion customers from 45 companies, then offering them for sale on the dark web. The hacker, who uses the alias Gnosticplayers, contacted technology news site… Read more »
According to the OAIC an ‘eligible data breach’, which triggers notification obligations, is a data breach that is likely to result in serious harm to any of the individuals to whom the information relates.
New laws require companies that experience any significant data breach to notify The Office of The Australian Information Commissioner and impacted clients.