Australian Cyber News Last Week – November 27th, 2023: Well, that was a busy week. The Australian government’s release of the 2023-2030 Australian Cyber Security Strategy. I wrote up the TissuePath breach and followed down a rabbit hole of Core Desktop and AlphV (Black Cat). Optus CEO resigns, Changes to the SOCI act, Federal whole-of-government zero trust target, scale back of Metadata retention, and two-year delay on banning ransomware payments.
and Cyber Security Awareness
Australian focus with a bit of New Zealand, vendor neutral, no vendor press releases, advertisement free.
Please follow the Source link to the original article to support the content owner. We've only provide a brief summary with metadata to assist in categorisation.
Australian InfoSec Incidents and Audits Issues
Australian Insider Threat, 29 November 2023: National Disability Insurance Agency NDIA data breach claimed to impact 11,000 “records”. NDIA staffer charged with leaking participants’ data, acting NDIA provider also arrested.
Australian Football Cyber Attack, 16 November 2023: Port Adelaide Football Club Hackers post Port files online. Member data is believed not to be compromised though members should be wary of communications from the club.
Australian Pathology Ransomware Attack, 14 November 2023: Australian pathology company Tissupath, reported a ransomware attack at a third-party IT supplier, Core Desktop. About 130,000 victims of a data hack at pathology company TissuPath in August involving referrals issued between 2011 and 2020 was to blame.
Incident: Major Australian port operator shuts down amid cyber security incident, impacting goods in and out of the country | ABC News (Australia)
Australian Ports Cyber Attack, 11 November 2023: Major Australian port operator DP World Australia shuts down amid cyber security incident, impacting goods in and out of the country. Operator failed to fix a critical IT vulnerability; the patch had been released over a month earlier.
Incident: SA Health patients caught up in data breach of third-party platform Personify Care | ABC News (Australia)
Australian Patient Data, 28 October 2023: SA Health patients caught up in data breach of third-party platform Personify Care. Health information of 121 patients and the names and phone numbers of about 12,000 others was deleted by an “unauthorised third party.
Incident: The Super SA data hack impacted thousands but took two months to come to light. Here’s what we know | ABC News (Australia)
Australian Health Insurer Hacked, 28 October 2023: The Super SA data hack impacted thousands but took two months to come to light. Here’s what we know. 14,011 members may have been impacted by a cyber security incident involving a former third-party service provider.
Australian Denial of Service Attack, 06 October 2023: Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks. DDoS attack, impacted site access for about five hours.
Australian Patient Data Breach, 05 October 2023: Personal data of almost 200 patients exposed in hack of Melbourne hospital staff member’s email. Worker sent details about the patients to their personal email account, which was later hacked.
Incident: Ransomware gang posts 30GB of data it claims belongs to Victorian real estate group | cyberdaily.au
Australian Real Estate Ransomware Attack, 04 October 2023: Ransomware gang posts 30GB of data it claims belongs to Victorian real estate group. Ragnar Locker gang is claiming to have breached Network Pacific Real Estate following a failure in negotiations.
Incident: Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company | ABC News (Australia)
Australian IT Services Ransomware Attack, 05 September 2023: Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company. TissuPath, Strata Plan and Barry Plant Blackburn were all clients of Core Desktop.
Australian Info & Cyber Security News
- Cyber attack on Sydney radiology company | 9 News Australiaby 9 News Australia on December 2, 2023
Police and cyber security experts are investigating an attack on a Sydney radiology company as fears of personal data being compromised lingers. | Subscribe ...
- OAIC alleges Australian Clinical Labs hack resulted from lacklustre security measuresby Daniel Croft on December 1, 2023
Australian Clinical Labs (ACL) parent company Medlab back in February 2022 announced that it had suffered a cyber attack at the hands of the Quantum …
- Government boosts Digital ID funding by $145.5mby Ry Crozier on December 1, 2023
The federal government is set to put an extra $145.5 million into expanding the Digital ID system and scheme over the next four years, adding to the …
- Services Australia vets customer data after Brisbane medical group breachby Ry Crozier on December 1, 2023
Top Health Doctors, a Brisbane-based GP and skin cancer clinic group, experienced an email account compromise incident in September that may have …
- Queensland passes mandatory data breach notification schemeby Ry Crozier on November 30, 2023
Queensland’s parliament has passed a mandatory data breach notification scheme, affecting state agencies from mid-2025 and local governments from …
- Incident: NDIA data breach claimed to impact 11,000 "records" | iTnewsby Steven Kirby on November 29, 2023
Australian Insider Threat, 29 November 2023 National Disability Insurance Agency NDIA data breach claimed to impact 11,000 “records” NDIA staffer …
- NDIA staffer charged with leaking participants' databy Jeremy Nadel on November 29, 2023
A National Disability Insurance Agency (NDIA) employee has been arrested and charged following an investigation into an insider leak of recipients' …
- Australians lost $1.2 million to NBN impersonation scams this yearby Kenn Anthony Mendoza on November 29, 2023
Australians have fallen prey to NBN impersonation scams with losses totalling to $1.2 million during the first nine months of the year, a 21% decline …
- DP World says personal info of employees stolen during attackby Sam Varghese on November 29, 2023
Stevedore DP World Australia says personal information of current and previous employees has been both accessed and exfiltrated during a recent …
- Government probe into massive Optus outage to investigate triple-0 access and public messagingby By political reporter Matthew Doran on November 27, 2023
The federal government's inquiry into this month's massive Optus outage will hone in on concerns Australians were unable to access the triple-0 …
- AU Info and Cyber Security News Last Week 2023-11-27by Steven Kirby on November 26, 2023
Australian Cyber News Last Week – November 27th, 2023: Well, that was a busy week, especially on the forums regarding the Australian government’s …
- Incident: TissuPath data breach victim upset by delayed notification | ABC News (Australia)by Steven Kirby on November 26, 2023
Australian Pathology Ransomware Attack, 14 November 2023 Australian pathology company Tissupath, reported a ransomware attack at a third-party IT …