Yearly Breach Reports Summary 2023
This is a listing of all publicly disclosed Australian cyber-attacks and data breaches from 2023.
Australian Cyber Aware
Providing Australian and New Zealand news and services on cybersecurity, information security, privacy, and AI security.
Vendor-neutral, press release-free, and advertisement-free.
Please follow the Source link to the original article to support the content owner. We only provide a summary with metadata to assist in categorisation.
Featured
Latest
Australian Info & Cyber Security News
This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during … [...]
The seven-member board will conduct post-incident reviews of “significant cyber security incidents in Australia”. • Mon, 04 May 2026 • … [...]
Threat actors have claimed a cyber attack on an Australian fine jewellery retailer, claiming to have stolen over half a terabyte of data. • Mon, 04 … [...]
The ACMA is urging Australian businesses to register now, ahead of new anti-scam rules coming into effect later this year. • Mon, 04 May 2026 • … [...]
The impact of an alleged data breach at NSW Treasury has been “downgraded” after the incident response investigation found that “no project has been … [...]
Whangarei-based firm McKay confirms unauthorised access to a single device following ransomware claims by the Mnt6 hacking group. • Mon, 04 May 2026 • … [...]
The University of Queensland has bolstered its resilience to a range of incident types and threats with a coordinated and documented approach, … [...]
Hackers are alleged to have stolen more than 80,000 documents totalling 100 gigabytes of data from a Sydney-based property investment firm. • Fri, 01 … [...]
Scammers observed impersonating Aussie toll operator Linkt and the New Zealand Police and Ministry of Justice. • Wed, 29 Apr 2026 • … [...]
A cyber attack impacting a New Zealand city council has compromised the data of hundreds of people. • Wed, 29 Apr 2026 • Security *]:clear-none … [...]
Hackers claim to have stolen 441 gigabytes of data, including internal correspondence, driver’s licence scans and revealing Christmas party photos. • … [...]
Major Australian ice-cream retailer Gelatissimo has launched an investigation into claims made by hackers that the company was breached in a … [...]
Australian Cyber Incidents and Audits Reports
Australian Cyber Aware News and Breaches
LatestAustralian Cyber Aware – As It Was 2604 – April 2026
Australian Cyber Aware - As It Was 2604 - April 2026. This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during April 2026. It includes a cross-section of incidents, regulatory updates, audit findings, and broader industry developments relevant to business and government audiences.
May 2026 So Far
Claim Status: Confirmed = Acknowledged by organisation/public statement/regulator | Published = Published in mainstream or reputable media | Claim = Leak-site claim only, unverified | Withdrawn = The claim has been withdrawn | Denied = The victim has formally denied the claim | Unknown = No corroborating evidence has been found
Confirmed 04-May-26 NZ
Exclusive: Kiwi firm, McKay electrical contractor, confirms cyber attack
One of New Zealand’s largest privately owned electrical contractors has confirmed it was the victim of a cyber attack in January, after it was listed as a victim on the darknet leak site of a newly emerged ransomware group.
Claim 01-May-26 AU
[Unconfirmed] Fulcrumsec claims breach of YOUX / DRIVE IQ, formerly known as Drive IQ, is an Australian technology company specialising in connected vehicle data and mobility intelligence.
Published 01-May-26 AU NSW
Exclusive: Prime Properties listed as breach victim by M3rx ransomware
Hackers are alleged to have stolen more than 80,000 documents totalling 100 gigabytes of data from a Sydney-based property investment firm.
If you believe any information in this post is inaccurate or incomplete, please contact us so the matter can be reviewed. Parties with additional relevant information relating to the incident are also invited to get in touch.
Australian InfoSec Incidents and Audits Issues
Incident: Ascot Vale Health Group targeted by Global ransomware group | CyberDaily.au
Australian Medical Ransomware Attack, 06 Jun 2025: Victorian based Ascot Vale Health Group targeted by Global ransomware group. Global ransomware group has so far not listed how much data it has allegedly stolen or what kind of data may have been compromised.
Incident: RISE Racing confirms Sarcoma ransomware attack | CyberDaily.au
Australian Racing Industry Ransomware Attack, 05 Jun 2025: Victorian based RISE Racing confirms Sarcoma ransomware attack. Reports indicate that 1.6GB of sensitive data was stolen, including: Banking details, financial records, participant personal information and operational data related to the racing industry.
Incident: MKA Accountants confirms Qilin ransomware attack | CyberDaily.au
Australian Accounting Firm Ransomware Attack, 16 May 2025: Victorian MKA Accountants confirms Qilin ransomware attack. Qilin published 12 documents as part of its leak post, including internal correspondence, financial statements, and insurance information
Incident: NSW court website involved in major data breach, 9,000 documents downloaded | ABC News (Australia)
Australian Cyber Incident – Court Data Breach, 26 March 2025: NSW court website involved in major data breach, 9,000 documents downloaded. Man charged in connection with court document data breach.
Incident: Brydens Lawyers suffers alleged 600GB data breach following ransomware attack | cyberdaily.au
Incident – Law Firm Ransomware Attack, 13 March 2025: Prominent Sydney law firm Brydens Lawyers reveals a serious cyber incident in the wake of a February intrusion into its network. More than 600 gigabytes of data – including case, client, and staff data – was stolen in the incident.
NZ Incident: Kiwi car dealership Tristram European listed by DragonForce ransomware | Cyberdaily.au
NZ Incident – Ransomware Attack, 28 February 2025: DragonForce Ransomware Targets Kiwi Car Dealership Tristram European. The attackers claim to have stolen over 30 gigabytes of sensitive data, including customer information and financial records.
Incident: Australian IVF provider Genea in cyber incident | iTnews
Updated Incident – Medical Data Breach, 19 February 2025: Australian IVF provider Genea in cyber incident. Genea patients frustrated by lack of communication amid data breach.
Incident: Australian National University investigating alleged cyber attack | Cyberdaily.au
Incident – University Ransomware Attack, 16 February 2025: Australian National University investigating alleged cyber attack by FSociety ransomware group. No ransom amount was given; however, society is threatening to publish the data within seven days.
NZ Incident: KillSec claims breach of NZ medical supplier | Cyberdaily.au
NZ Incident – Medical Ransomware Attack, 13 February 2025: KillSec claims ransomware attack on New Zealand based Obex Medical. While the exact details of the breach remain unclear, this latest incident highlights the persistent threat of ransomware groups, particularly those focused on industries like healthcare.
Update AU Incident: The University of Notre Dame Australia confirms cyber incident | Cyberdaily.au
Updated AU Incident – Education Cyber Attack, 04 February 2025: The University of Notre Dame Australia in Western Australia confirms cyber incident. Claims are that 62.3 Gb of data was exfiltrated. Containing employee and student contact data, medical documents, confidential agreements and licenses. Problems with enrolling and accessing class timetables, weeks after a cyber attack
Information Security Memes
Security quotes and wisdoms
- Quotes
Quote: John Chambers “There are two types of companies….”
Quotes and Memes: "There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked" - John Chambers
