Australian Cyber Aware - As It Was 2605 - May 2026. Aggregated listing of Australian and New Zealand cybersecurity, privacy, and AI risks developments identified during May 2026. It includes cybersecurity incidents, regulatory updates, news stories, audit findings, and broader industry developments relevant to business and government audiences.
The Aur0ra ransomware group has published employee data, passwords, banking details, and testing records from an Australian company with a massive … [...]
The Australian Signals Directorate intends to retire its Essential Eight guidance framework within two years, to keep up with shifting cyber security … [...]
Landmark determinations against a pair of medical websites find that health providers must obtain consent before collecting sensitive information for … [...]
The NSW government will spend an extra $209 million over the next decade on the P25 radio network that supports emergency services’ communications. In … [...]
The Queensland government will release at least $256 million from a ‘digital fund’ for technology projects as part of its latest state budget. The … [...]
A Queensland police investigation has uncovered an alleged industrial espionage operation that potentially contributed to a major construction … [...]
The Western Australia Police Force will roll out live facial recognition in public spaces on 1 July, and Electronic Frontiers Australia calls the … [...]
Threat actor 2019 posts alleged National Portrait Gallery customer and client data to undergound hacking forum; names, emails, and location data … [...]
Australian Defence Force (ADF) personnel are getting ready to deploy to the Pacific to test defensive cooperation. Bethany Alvaro • Tue, 23 Jun 2026 • … [...]
Cyber security agencies in Australia, Canada, New Zealand, Britain and the United States are stepping up their awareness campaign around artificial … [...]
A Q&A guide to data protection and management for digital health in Australia, covering anonymised health data, enforcement, cybersecurity and … [...]
AI Summary ▼ The Full Court of the Federal Court has held that s 183(1) of the Corporations Act 2001 (Cth) provides a standalone cause of action … [...]
It has been another significant 12 months across the Australian regulatory landscape, defined by notable penalties obtained against companies that … [...]
New research by TikTok reveals one in five Australians believe online content before checking if it's true, while nearly 40 per cent share information without verifying it first. Cyber safety [...]
The WA Police Child Exploitation Squad operates an undercover unit where detectives pose as children in online chat rooms to identify and apprehend predators targeting minors. Subscribe and set 🔔 [...]
Australian schools are facing a significant threat as reports of AI-generated child abuse material have surged by 1,300%, with photos of children being harvested from school social media accounts and [...]
Technology is making it easier than ever before to watch and monitor others, with or without their consent. Insight investigates when this kind of surveillance is okay and when it [...]
Artificial intelligence (AI) is now creating two distinct governance challenges for directors. First, boards must respond to the rising cyber risks … [...]
Confirmed 19-Jun-26 AU QLD
ALS Restores Operations After Cyberattack as Data Exposure Review Intensifies
ACTOR-DRIVEN disruption at ALS Limited, an Australian laboratory testing and inspection company, is exposing the operational and data security risks facing critical service providers after the firm restored most of its systems following a cyber incident while continuing to assess potential data impacts.
Published 19-Jun-26 AU VIC
Exclusive: 2019 claims alleged cyber incident on Melbourne weight-loss clinic
Notorious threat actor 2019 listed the clinic on an infamous hacking forum, claiming to have stolen data from over 28,000 patients across over 300,000 records at Elina Medical Weight Loss Clinic in Melbourne.
18-Jun-26 AU QLD
QAO Education
AUDIT: Education 2025
Weaknesses in the security of information systems at universities continue to account for most of the deficiencies we identified. Despite this, we have been able to rely on the systems and processes they used to prepare financial statements. This year, we identified 25 deficiencies – including one significant deficiency – relating to weaknesses in information systems controls at universities. Of the 48 deficiencies we identified last year, 14 remain unresolved as at 31 December 2025
Published 18-Jun-26 AU, NZ
Exclusive: Harcourts allegedly hacked by SafePay ransomware
Major Australia-based real estate firm Harcourts has allegedly suffered a cyber incident after threat actors listed the company on their dark web leak site.
Published 18-Jun-26 AU VIC
Exclusive: Qilin ransomware claims hack of Aussie K-12 tutoring provider
The Qilin ransomware-as-a-service operation has listed a Victoria-headquartered online tutoring company, Kinetic Education, as a victim on its darknet leak site.
Denied 17-Jun-26 AU NSW
NSW government disputes alleged data breach
The New South Wales Government has shut down claims that it was hit by a data breach after a ransomware group leaked an alleged sample of 200GB in stolen data to the dark web.
16-Jun-26 AU SA
AOSA Government
AUDIT: Review of legacy ICT systems
We found weaknesses in how some agencies manage legacy system risks, including incomplete asset inventories, limited formal risk assessments, gaps in risk register documents and inconsistent reporting to governance bodies. These gaps reduce visibility of risks and can delay action to remediate or replace systems.
Confirmed 16-Jun-26 AU
Exclusive: Hacker uses Productivity Commission breach to bully journos
The Australian Productivity Commission has confirmed an incident in which emails were sent out from its noreply email address that appeared to have been sent by a threat actor.
11-Jun-26 AU FED
ANAO, Department of Parliamentary Services, Government
AUDIT: Management of Cyber Security in the Department of Parliamentary Services
The ANAO audit assessed whether the Department of Parliamentary Services (DPS) had an effective baseline of cyber security controls, focusing on its assessment of cyber risks, implementation of the Essential Eight mitigation strategies, and assurance over control effectiveness in alignment with the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM). It found that while governance structures existed, the overall cyber security posture was only partly effective due to gaps in risk assessment, incomplete implementation of controls, reliance on compensating measures, and weaknesses in asset inventories, policy frameworks, and assurance processes.
Confirmed 12-Jun-26 AU ACT
Exclusive: Ochre Health confirms patient data from its Tuggeranong clinic potentially compromised
The medical records, including Medicare numbers and DVA numbers, of potentially more than 25,000 patients of ACT-based Ochre Medical Centre Tuggeranong have been sold by a 2019 ransomware group online after a prolific hacker breached an unnamed third-party provider.
Confirmed 12-Jun-26 AU
Exclusive: One Nation blames “fearful Labor goons” for DDoS site crash
A spokesperson for Pauline Hanson’s One Nation has taken to Facebook to explain why the party’s donation website was down today. "Deliberate DDoS attack".
Denied 12-Jun-26 AU
Exclusive: Australian Medical Council denies ransomware attack in wake of false claim
The Australian Medical Council (AMC) has said it was not the victim of a ransomware attack after it was listed as a victim on the darknet site of the ThreeAM hacking group.
11-Jun-26 AU NSW
AONSW Education
AUDIT: Universities 2025
"Control deficiencies were most common in IT/cyber security, governance and payroll
There were 94 reported audit findings and most related to poor monitoring of IT/cyber security risks, inadequate governance oversight and deficiencies in payroll management. One university has no processes to manage IT legacy systems, and 6 universities have not formally assessed legacy system risks.
Three universities still do not have a formalised AI policy. Only 2 universities had procurement guidance in place for AI-related procurement."
Confirmed 11-Jun-26 AU SA
Parents warned after ‘cyber security breach’ at South Australia’s Reynella East College
A cyber security incident has taken the IT systems of a South Australian school, Reynella East College, offline for at least several days, a letter from the state’s Department of Education has warned.
Confirmed 11-Jun-26 AU WA
Student data compromised in second University of Western Australia data breach in 6 months
The University of Western Australia has disclosed it has been the victim of a data breach after access credentials for its Callista database were accidentally shared online.
Confirmed 10-Jun-26 AU QLD
Cyber attack shuts down two Mackay Sugar mills
Advocacy group Canegrowers confirmed on Wednesday the incident had shut down Mackay Sugar's milling and cane haulage across the Farleigh and Racecourse mills just outside Mackay, both of which had started crushing within the past week.
Published 10-Jun-26 AU NSW
Exclusive: 2019 claims breach of Australian lingerie retailer
In a post on a notorious hacking forum made earlier this month, threat actor 2019 claimed to have breached DeBra’s, saying that they exfiltrated 196,800 customer records and 1.2 million order records.
Published 10-Jun-26 AU QLD
Exclusive: Qilin targets Qld healthcare provider, but gets a bit confused
Qilin listed The Banyans Healthcare, an entity it called The Banyans Health and Wellness, on 8 June, and while the hackers shared few details (no evidence, no ransom demand, nor any idea of the volume of data allegedly compromised). The actual breach appears to be at Banyans Medical Centre and Specialist Clinics, which is investigating the incident.
Published 09-Jun-26 AU NSW
Exclusive: Napoleon Perdis allegedly breached following threat actor claims
Australian luxury make-up and cosmetics brand Napoleon Perdis has allegedly suffered a cyber incident after a threat actor claimed responsibility for breaching the company.
Published 09-Jun-26 AU VIC
Exclusive: Aussie farming group launches investigation following Qilin cyber attack claims
Late last month, Tripod Farmers was listed online by the Qilin ransomware group. According to threat feeds observed by Cyber Daily, the incident occurred around 17 February 2026, suggesting that the threat actor has had access for an extended period.
Published 09-Jun-26 AU NSW
Exclusive: 2019 claims cyber incident on Aussie ASX and financial market research firm
Over the weekend (6 June), threat actor 2019 listed Kalkine Media on an infamous cyber crime forum, claiming to have stolen the personal data of over 2,900 customers.
Published 09-Jun-26 AU NSW
Exclusive: Hacker claims breach of Aussie travel agency, FirstClass, 53k customers potentially impacted
2019, a prominent member of a popular underground hacking forum, said in a June 3 post they had gained access to the data of more than 53,300 customers of luxury travel website, FirstClass.com.au.
Denied 05-Jun-26 AU
Exclusive: Centrelink denies hacker claims of cyber attack
A threat actor with a reputation for targeting Australian entities has claimed a cyber attack on government service Centrelink, a claim Centrelink says is false.
04-Jun-26 AU VIC
VAGO, Higher Education
AUDIT: Results of 2025 Audits: TAFEs and Universities
Weaknesses in IT controls continue to require attention in both sectors. Issues with their management and monitoring of system access increase the risk that errors or fraud occur and go undetected.
Confirmed 04-Jun-26 AU NSW
Australia luxury lifestyle brand Camilla confirms cyber incident
Australian luxury and lifestyle fashion brand Camilla has confirmed a cyber incident, leading to company data theft by a threat actor.
Confirmed 04-Jun-26 AU NSW
Exclusive: MMJ Real Estate allegedly hacked, 17.3k customer records potentially compromised
The personal data of more than 17,300 clients of Australian estate agent MMJ Real Estate has potentially been exposed in a data breach.
Confirmed 03-Jun-26 AU VIC
Exclusive: Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised
A hacker going by the name of 2019 has published what they claim is the personal data of more than 25,000 customers of the Australian Centre for the Moving Image (ACMI) to a hacking forum.
Published 02-Jun-26 AU NSW
Exclusive: Aussie workplace catering firm Hampr suffers alleged 360k record data breach
The Hampr records come in two parts. The first contains customer IDs, names, mobile phone numbers, and account details, while the second part contains dietary information, payment details, billing information, and workspace details.
Confirmed 01-Jun-26 AU VIC
Hacked! Melbourne International Film Festival responding to cyber incidents
The Melbourne International Film Festival has said it is responding to a pair of cyber incidents that have affected its 340 000 customers' data.
Confirmed 01-Jun-26 AU NSW
Exclusive: VSP Solutions responding to Stormous ransomware attack
Aussie video security firm VSP Solutions says it has contained the incident after hackers claimed to have stolen and published 40 gigabytes of company data.
If you believe any information in this post is inaccurate or incomplete, please contact us so we can review the matter. Parties with additional relevant information relating to the incident are also invited to get in touch.
Australian Medical Ransomware Attack, 06 Jun 2025: Victorian based Ascot Vale Health Group targeted by Global ransomware group. Global ransomware group has so far not listed how much data it has allegedly stolen or what kind of data may have been compromised.
Australian Racing Industry Ransomware Attack, 05 Jun 2025: Victorian based RISE Racing confirms Sarcoma ransomware attack. Reports indicate that 1.6GB of sensitive data was stolen, including: Banking details, financial records, participant personal information and operational data related to the racing industry.
Australian Accounting Firm Ransomware Attack, 16 May 2025: Victorian MKA Accountants confirms Qilin ransomware attack. Qilin published 12 documents as part of its leak post, including internal correspondence, financial statements, and insurance information
Australian Cyber Incident – Court Data Breach, 26 March 2025: NSW court website involved in major data breach, 9,000 documents downloaded. Man charged in connection with court document data breach.
Incident – Law Firm Ransomware Attack, 13 March 2025: Prominent Sydney law firm Brydens Lawyers reveals a serious cyber incident in the wake of a February intrusion into its network. More than 600 gigabytes of data – including case, client, and staff data – was stolen in the incident.
NZ Incident – Ransomware Attack, 28 February 2025: DragonForce Ransomware Targets Kiwi Car Dealership Tristram European. The attackers claim to have stolen over 30 gigabytes of sensitive data, including customer information and financial records.
Updated Incident – Medical Data Breach, 19 February 2025: Australian IVF provider Genea in cyber incident. Genea patients frustrated by lack of communication amid data breach.
Incident – University Ransomware Attack, 16 February 2025: Australian National University investigating alleged cyber attack by FSociety ransomware group. No ransom amount was given; however, society is threatening to publish the data within seven days.
NZ Incident – Medical Ransomware Attack, 13 February 2025: KillSec claims ransomware attack on New Zealand based Obex Medical. While the exact details of the breach remain unclear, this latest incident highlights the persistent threat of ransomware groups, particularly those focused on industries like healthcare.
Updated AU Incident – Education Cyber Attack, 04 February 2025: The University of Notre Dame Australia in Western Australia confirms cyber incident. Claims are that 62.3 Gb of data was exfiltrated. Containing employee and student contact data, medical documents, confidential agreements and licenses. Problems with enrolling and accessing class timetables, weeks after a cyber attack
Quotes and Memes: "Complexity creates confusion, simplicity focus." - Edward de Bono
