June 2026  So Far

Claim Status: Confirmed = Acknowledged by organisation/public statement/regulator | Published = Published in mainstream or reputable media | Claim = Leak-site claim only, unverified | Withdrawn = The claim has been withdrawn | Denied = The victim has formally denied the claim | Unknown = No corroborating evidence has been found

Confirmed 19-Jun-26 AU QLD
ALS Restores Operations After Cyberattack as Data Exposure Review Intensifies
ACTOR-DRIVEN disruption at ALS Limited, an Australian laboratory testing and inspection company, is exposing the operational and data security risks facing critical service providers after the firm restored most of its systems following a cyber incident while continuing to assess potential data impacts.

Published 19-Jun-26 AU VIC
Exclusive: 2019 claims alleged cyber incident on Melbourne weight-loss clinic
Notorious threat actor 2019 listed the clinic on an infamous hacking forum, claiming to have stolen data from over 28,000 patients across over 300,000 records at Elina Medical Weight Loss Clinic in Melbourne.

Published 18-Jun-26 AU, NZ
Exclusive: Harcourts allegedly hacked by SafePay ransomware
Major Australia-based real estate firm Harcourts has allegedly suffered a cyber incident after threat actors listed the company on their dark web leak site.

Published 18-Jun-26 AU VIC
Exclusive: Qilin ransomware claims hack of Aussie K-12 tutoring provider
The Qilin ransomware-as-a-service operation has listed a Victoria-headquartered online tutoring company, Kinetic Education, as a victim on its darknet leak site.

Denied 17-Jun-26 AU NSW
NSW government disputes alleged data breach
The New South Wales Government has shut down claims that it was hit by a data breach after a ransomware group leaked an alleged sample of 200GB in stolen data to the dark web.

Confirmed 16-Jun-26 AU
Exclusive: Hacker uses Productivity Commission breach to bully journos
The Australian Productivity Commission has confirmed an incident in which emails were sent out from its noreply email address that appeared to have been sent by a threat actor.

Confirmed 12-Jun-26 AU ACT
Exclusive: Ochre Health confirms patient data from its Tuggeranong clinic potentially compromised
The medical records, including Medicare numbers and DVA numbers, of potentially more than 25,000 patients of ACT-based Ochre Medical Centre Tuggeranong have been sold by a 2019 ransomware group online after a prolific hacker breached an unnamed third-party provider.

Confirmed 12-Jun-26 AU
Exclusive: One Nation blames “fearful Labor goons” for DDoS site crash
A spokesperson for Pauline Hanson’s One Nation has taken to Facebook to explain why the party’s donation website was down today. "Deliberate DDoS attack".

Denied 12-Jun-26 AU
Exclusive: Australian Medical Council denies ransomware attack in wake of false claim
The Australian Medical Council (AMC) has said it was not the victim of a ransomware attack after it was listed as a victim on the darknet site of the ThreeAM hacking group.

Confirmed 11-Jun-26 AU SA
Parents warned after ‘cyber security breach’ at South Australia’s Reynella East College
A cyber security incident has taken the IT systems of a South Australian school, Reynella East College, offline for at least several days, a letter from the state’s Department of Education has warned.

Confirmed 11-Jun-26 AU WA
Student data compromised in second University of Western Australia data breach in 6 months
The University of Western Australia has disclosed it has been the victim of a data breach after access credentials for its Callista database were accidentally shared online.

Confirmed 10-Jun-26 AU QLD
Cyber attack shuts down two Mackay Sugar mills
Advocacy group Canegrowers confirmed on Wednesday the incident had shut down Mackay Sugar's milling and cane haulage across the Farleigh and Racecourse mills just outside Mackay, both of which had started crushing within the past week.

Published 10-Jun-26 AU NSW
Exclusive: 2019 claims breach of Australian lingerie retailer
In a post on a notorious hacking forum made earlier this month, threat actor 2019 claimed to have breached DeBra’s, saying that they exfiltrated 196,800 customer records and 1.2 million order records.

Published 10-Jun-26 AU QLD
Exclusive: Qilin targets Qld healthcare provider, but gets a bit confused
Qilin listed The Banyans Healthcare, an entity it called The Banyans Health and Wellness, on 8 June, and while the hackers shared few details (no evidence, no ransom demand, nor any idea of the volume of data allegedly compromised). The actual breach appears to be at Banyans Medical Centre and Specialist Clinics, which is investigating the incident.

Published 09-Jun-26 AU NSW
Exclusive: Napoleon Perdis allegedly breached following threat actor claims
Australian luxury make-up and cosmetics brand Napoleon Perdis has allegedly suffered a cyber incident after a threat actor claimed responsibility for breaching the company.

Published 09-Jun-26 AU VIC
Exclusive: Aussie farming group launches investigation following Qilin cyber attack claims
Late last month, Tripod Farmers was listed online by the Qilin ransomware group. According to threat feeds observed by Cyber Daily, the incident occurred around 17 February 2026, suggesting that the threat actor has had access for an extended period.

Published 09-Jun-26 AU NSW
Exclusive: 2019 claims cyber incident on Aussie ASX and financial market research firm
Over the weekend (6 June), threat actor 2019 listed Kalkine Media on an infamous cyber crime forum, claiming to have stolen the personal data of over 2,900 customers.

Published 09-Jun-26 AU NSW
Exclusive: Hacker claims breach of Aussie travel agency, FirstClass, 53k customers potentially impacted
2019, a prominent member of a popular underground hacking forum, said in a June 3 post they had gained access to the data of more than 53,300 customers of luxury travel website, FirstClass.com.au.

Denied 05-Jun-26 AU
Exclusive: Centrelink denies hacker claims of cyber attack
A threat actor with a reputation for targeting Australian entities has claimed a cyber attack on government service Centrelink, a claim Centrelink says is false.

Confirmed 04-Jun-26 AU NSW
Australia luxury lifestyle brand Camilla confirms cyber incident
Australian luxury and lifestyle fashion brand Camilla has confirmed a cyber incident, leading to company data theft by a threat actor.

Confirmed 04-Jun-26 AU NSW
Exclusive: MMJ Real Estate allegedly hacked, 17.3k customer records potentially compromised
The personal data of more than 17,300 clients of Australian estate agent MMJ Real Estate has potentially been exposed in a data breach.

Confirmed 03-Jun-26 AU VIC
Exclusive: Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised
A hacker going by the name of 2019 has published what they claim is the personal data of more than 25,000 customers of the Australian Centre for the Moving Image (ACMI) to a hacking forum.

Published 02-Jun-26 AU NSW
Exclusive: Aussie workplace catering firm Hampr suffers alleged 360k record data breach
The Hampr records come in two parts. The first contains customer IDs, names, mobile phone numbers, and account details, while the second part contains dietary information, payment details, billing information, and workspace details.

Confirmed 01-Jun-26 AU VIC
Hacked! Melbourne International Film Festival responding to cyber incidents
The Melbourne International Film Festival has said it is responding to a pair of cyber incidents that have affected its 340 000 customers' data.

Confirmed 01-Jun-26 AU NSW
Exclusive: VSP Solutions responding to Stormous ransomware attack
Aussie video security firm VSP Solutions says it has contained the incident after hackers claimed to have stolen and published 40 gigabytes of company data.

If you believe any information in this post is inaccurate or incomplete, please contact us so we can review the matter. Parties with additional relevant information relating to the incident are also invited to get in touch.

New complete timeline of Australian Timeline Incidents and Audits

View all quotes