Data Breaches Australia 2022

Data breaches in the last 6 months of 2022 surged compared to the first six month according to the Government sources.

https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-statistics/notifiable-data-breaches-report-january-june-2022

Fire Rescue Victoria – December 2022

• Fire Rescue Victoria investigating security incident
• Cyber attack cripples Fire Rescue Victoria | Firefighters resort to mobile phones and radio.

LastPass – December 2022

• Parsing LastPass’ data breach notice

TPG Telecom – December 2022

• TPG Telecom joins list of hacked Australian companies, shares slide

State Office of Victoria – December 2022

• Data breach hits Victoria’s revenue office

LJ Hooker – December 2022

• Real estate agency LJ Hooker hit with data breach

Telstra – December 2022

• Telstra blames privacy breach on ‘database misalignment’ | Published details of unlisted customers online.
• Telstra explains how internal data breach exposed more than 130,000 customers’ details
• Telstra apologises after customer data breach
• Telstra slips up as details of 130,000 customers go online
• Telstra privacy breach sees customer details made public

Twitter – November 2022

• More than 5 million Twitter users at risk after alleged security breach

WhatsApp – November 2022

• WhatsApp denies data leak as company hit by anonymous online threat

The Smith Family – November 2022

• The Smith Family warns supporters of stolen personal data amid hack on Australian charity
• Children’s charity The Smith Family hit by cyberattack

Harcourts – November 2022

• Harcourts Melbourne City real estate agency advises customers of data breach

Victorian Government | PNORS Technology Group – November 2022

• Victoria has ordered an investigation into a potential data breach. Here’s what happened.

BWX (Flora & Fauna) – November 2022

• Credit card details likely exposed in skincare online shopping hack

SSKB – October 2022

• Australian strata company SSKB breached

Microsoft – October 2022

• Microsoft data breach exposes customers’ contact info, emails

AFP – October 2022

• AFP classified documents hacked in data leak, exposing agents fighting drug cartels

Vinomofo – October 2022

• Online wine seller Vinomofo hit in major data breach
• Vinomofo data breach: 500,000 customers at risk after wine dealer hit by cyber-attack

Medibank – October 2022

• Medibank admits personal data stolen in cyber attack
• Medibank Group detects cyberattack, takes several services offline as a precaution
• Medibank receives contact from hackers | Group requests negotiations over customer data.

Woolworths MyDeal – October 2022

• Woolworths MyDeal becomes latest target of cyber attack. What information was leaked and what can you do if you’re affected?
• Woolworths says data of 2.2 million customers of its MyDeal website has been exposed

North Face – September 2022

• 200,000 North Face accounts hacked in credential stuffing attack

Optus – September 2022

• Optus attack exposes customer information | Personal details of 1.1 million customers purportedly offered for sale.

Uber – September 2022

• Teen hacker gets into Uber, announces data breach on chat software
• Uber investigating ‘cyber security incident’ after report of breach | Company forced to shut internal communications and engineering systems.
• Uber Investigating Massive Security Breach by Alleged Teen Hacker
• Uber in ‘unforgivable’ security breach

Fremantle Football Club – September 2022

• Fremantle apologise for AFL data breach

TikTok – September 2022

• TikTok Hacked, Denies Security Breach Allegations
• TikTok denies security breach after hackers claim to have records of more than a billion users

LastPass – August 2022

• Password manager company LastPass reports major security breach | The company – which has more than 25 million users – says hackers stole parts of its source code and other sensitive data.
• LastPass was hacked, but it says no user data was compromised

DoorDash – August 2022

• Aussies’ sensitive details at risk after global data breach | Popular food delivery service DoorDash is investigating whether credit card and contact details of Australians have been leaked.

Facebook – August 2022

• A Facebook glitch has affected users worldwide. So, what went wrong and has there been a data breach?

WA Health – August 2022

• WA Health Department apologises for monkeypox data breach of passengers on flight from Doha to Perth
• Nurse responsible for major monkeypox data breach in Perth
• Health Department under fire as personal details of monkeypox plane passengers sent out in email

Cisco – August 2022

• Hackers Breach Cisco and Steal Data, But Fail to Deploy Ransomware

Twitter – August 2022

• Twitter confirms personal details of millions of account holders compromised
• Twitter says zero-day bug leaked account data
• More than 5 million Twitter accounts impacted by recent data breach

University of Western Australia – August 2022

• Student details, photos exposed in University of WA data breach
• University of Western Australia Student Details Exposed in Data Breach
• University of Western Australia Confirms Student Details Exposed in Data Breach
• University of Western Australia: Police charge man over major UWA data breach

Neopets – July 2022

• A Hacker Is Trying to Sell Data on 69 Million Neopets Users
• The Hackers Who Breached Neopets Were Inside Its IT Systems for 18 Months

Uber – July 2022

• Uber confesses it covered up a huge data breach | Confession comes as part of DoJ settlement
• Uber settles with DOJ for failing to disclose breach that exposed 57 million users’ data

Perth Festival, Black Swan State Theatre Company – July 2022

• Perth Festival, Black Swan Theatre and other arts organisations hit by major data breach

Victorian Government – July 2022

• Students, travellers and staff exposed as Hotel Quarantine data breach revealed

Woolworths – July 2022

• Woolworths denies data breach after outraged shoppers claim Everyday Rewards hacked

Marriott – July 2022

• Marriott suffers yet another data breach

Mangatoon – July 2022

• Millions of comic book fans have data leaked after Mangatoon breach

China Police – July 2022

• Private information of more than 100 Australians exposed amid huge China police data leak

Deakin University – July 2022

• Deakin University reveals breach of 47,000 students’ details | Subset targeted with smish sent via officially-used SMS channel.
• Data on Almost 47,000 Students Exposed in Deakin Uni Breach
• Hackers target Deakin Uni

AMD – July 2022

• AMD is investigating a serious potential data breach | An attacker claims to have stolen 450Gb of sensitive data
• AMD Is Investigating a Potential Data Breach Allegedly Caused by Weak Passwords

OpenSea – July 2022

• OpenSea customers warned to stay on high alert for phishing attacks | OpenSea email database exposed by third party
• NFT giant OpenSea reports major email data breach
• OpenSea users’ email addresses leaked in data breach
• NFTs Have Been Stolen From OpenSea Users

iCare – June 2022

• iCare data breach due to ‘human error’, agency says
• iCare launches systems review after 193,000 claimants affected by privacy breach
• iCare sends private details of 193,000 workers to wrong employers

Department of Home Affairs – May 2022

• Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols

NDIS – May 2022

• Sensitive NDIS health data breached in client platform hack
• NDIS case management system provider breached | Updated: “Large volume” of sensitive health data exposed.

Spirit Super – May 2022

• Spirit Super hit by data leak, 50,000 accounts exposed
• 50,000 super fund members impacted by data breach

APAC – May 2022

• APAC organisations fail to disclose ransomware breaches

Facebook – May 2022

• Facebook’s Zuckerberg sued for data breach
• Mark Zuckerberg, head of Facebook-owner Meta, is being sued in the US over the Cambridge Analytica scandal that compromised the personal data of millions

South Australian Government – May 2022

• More than 90,000 South Australian public servants now involved in payroll data breach

National Tertiary Education Union – May 2022

• NTEU becomes victim of data breach | NTEU servers were subject to a ransomware attack, a week out from University wide-strikes

Transport for NSW – May 2022

• TfNSW hit by another data breach
• TfNSW hit by second cyber attack in less than 18 months | Confirms authorised inspection scheme system data accessed
• Data breach a Transport for NSW fail

SuperVPN, GeckoVPN, ChatVPN – April 2022

• 25 million free VPN user records exposed

Coca-Cola – April 2022

• Coca-Cola investigating potential large-scale data breach | A new threat actor claims to have stolen gigabytes of data

Top Data Breaches and Cyber Attacks of 2022

• Cybercrime is big business, and it’s already rife in 2022 – we’ve highlighted ten top cases

Panasonic – April 2022

• Panasonic hit by another major cyberattack | Almost 3GB of data taken in attack on Panasonic

Block (ASX:SQ2) – April 2022

• Block (ASX:SQ2) share price jumps 6% despite reporting a data breach

Warrnambool Council – March 2022

• Data breach was ‘not serious’

OKTA – March 2022

• Okta says third-party breach may have impacted up to 366 customers – Hackers took control of contractor’s computer
• Lapsus$ hackers exploited Okta supplier’s security lapses – Allegedly found spreadsheet with login credentials.
• Okta investigates possible data breach – May relate to third-party customer support engineer targeted in January.
• Okta confirms hundreds of customers could be affected by data breach – January 2022 breach could have affected hundreds of Okta customers

Microsoft – March 2022

• Hackers Post Images Showing Possible Microsoft Breach – The same cybercriminal group that recently breached Nvidia briefly shares a screenshot that suggests the hackers also gained access to Bing’s source code.
• Microsoft Azure DevOps targeted by hackers
• ‘Single account’ compromise led to Microsoft’s Lapsus$ code leak – Attackers were interrupted mid-operation

Ubisoft – March 2022

• Ubisoft says ‘cyber security incident’ last week shows no evidence of data breach – Ubisoft’s IT team is working with external experts to investigate the incident, which took place last week.
• Ubisoft fans need to change their passwords now – Ubisoft player data should still be safe

Nvidia – March 2022

• Over 71,000 Nvidia accounts have personal data leaked following hack
• Nvidia says employee, company information leaked online after cyber attack
• Nvidia hackers claim they also hit Vodafone, threaten data leak
• NVIDIA data breach exposed credentials of over 71,000 employees

Samsung – March 2022

• Samsung confirms data breach after hackers leak internal source code
• Hacking group allegedly leaks 190GB of data from Samsung
• Nvidia hackers hit Samsung and leak huge data dump
• Samsung hit by major data breach — Galaxy device source code stolen
• Samsung Galaxy source code targeted by Lapsus$
• Samsung confirms hack: is your TV or smartphone at risk?

Australian Data Breaches Report

• Australian data breach statistics revealed in OAIC report

Toyota Motor – March 2022

• Toyota suspends domestic factory operations after suspected cyber attack | 13,000 vehicles held up after supplier hacked

Medlab Pathology – February 2022

• Medlab Pathology discloses February data breach
• Australian Clinical Labs accused of ‘sitting on’ hack that saw patient data posted to the dark web

OAIC Report – February 2022

• Australian gov data breach numbers slip out of public view
• Latest notifiable data breaches report

NSW Government – February 2022

• Sensitive addresses among more than 500,000 leaked from NSW Government database
• NSW nurses strike as data breach defended
• Sensitive business addresses among 500,000 published in COVID data breach

News Corp – February 2022

• News Corp reports cyber data breach
• News Corp reports cyber data breach
• Chinese hackers believed to be behind News Corp data breach

CFMMEUR – February 2022

• Union fined for data centre breach

Crypto.com – January 2022

• Security News This Week: Crypto.com Finally Admits It Lost $30 Million in Hack

Red Cross Australia – January 2022

• Locations and contact data on 515,000 vulnerable people stolen in Red Cross data breach
• Australian Red Cross clients potentially caught up in international cyber attack
• Red Cross cyberattack sees data of thousands at-risk people stolen
• Red Cross Cyber Attack Exposes Data of 515,000 Vulnerable People
• Australian Red Cross warns clients of potential security breach
• Aussie Red Cross flags potential cyber breach
• Australian Red Cross clients potentially caught up in international cyber attack
• Red Cross hackers exploited Zoho vulnerability to gain entry | Accessed case files of 515,000 vulnerable people held in encrypted database

TfNSW (Accellion) – January 2022

• TfNSW finds more customers, employees impacted by Accellion breach

FlexBooker – January 2022

• Scheduling Platform FlexBooker Discloses Data Breach Affecting 3.7 Million Accounts

Bunnings – January 2022

• Bunnings private customer data exposed in data breach
• Bunnings Customer Data Breached
• Bunnings Confirms Some Customer Data Is Caught up in FlexBooker Breach
• Bunnings stresses little risk to customers from FlexBooker data leak
• Bunnings’ drive and collect customer data caught up in FlexBooker security breach on Amazon cloud
• Bunnings shoppers’ personal information potentially exposed to data security breach
• Bunnings customers caught up in international data breach

Need More Help?

iTechWA offer paid consultancy services, onsite or remotely. Our rates can be found here. For help or further assistance, please contact us here.

iTechWA are experts in everything Microsoft, Apple, Ubiquiti, Sonos and Starlink.
For further help or assistance, contact us here or refer to vendor support websites such as Microsoft and Apple