Incident: Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment | ABC News (Australia)

Posted by Steven Kirby | Dec 18, 2021 | 12.06 Technical vulnerability management, ABC News (Australia), Australia, Australian InfoSec Incidents 2021, Confidentiality, Human Resources, Privacy Breach, SaaS - Software as a Service, Services | 0 |

Australian Recruitment Ransomware Incident,
18 December 2021

Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment

Conti claims to have stolen more than 300 gigabytes of data in this attack

Source: Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment | ABC News (Australia)

Related Incidents:

Incident: NSW government casual recruiter suffers ransomware hit | ZDNet

A long list of businesses, banks and government agencies were caught up in the leak by way of their ties with Finite, including Westpac, ME Bank, Coles, Adairs, AMP, Suez Australia, NBN Co and the departments of Defence, Home Affairs and Health.

IT recruitment firm Finite Recruitment has confirmed it experienced a cyber incident in October, which resulted in a “small subset” of the company’s data being downloaded and published on the dark web.

Hackers have accessed and released sensitive data that includes resumes, offers of employment, contracts, timesheets and vaccine certificates, with the likely goal of extracting a ransom.

Some of Finite Recruitment’s clients contacted by the ABC said they were aware of the leak, while others had not been notified.

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

APVMA added to HWL Ebsworth breach list
by Richard Chirgwin on September 25, 2023
The Australian Pesticides and Veterinary Medicines Authority (APVMA) has confirmed that it was one of the federal government agencies impacted by the …
Australian Federal Police claw back $45m lost to BEC scammers
by Ry Crozier on September 25, 2023
The Australian Federal Police has claimed some success in thwarting in-progress business email compromise (BEC) scams, in cases where the incident is …
AFP saves mum and dad business from cyber criminals | Australian Federal Police
by Australian Federal Police on September 25, 2023
The AFP has returned $45 million to Australian businesses targeted by cyber criminals in the past three years. As the AFP today challenges the …
Aussies Warned Over Cyber-Security Risks After Large-Scale Hack
by The Project on September 24, 2023
Sixty-five government departments and agencies have been caught up in the country’s latest ‘large scale’ cyber-attack on legal firm HWL Ebsworth, with stark ...
Federal government rolls out plan to protect Aussies from cyber attacks | 9 News Australia
by 9 News Australia on September 24, 2023
One year on since the Optus cyber attack, Home Affairs Minister has revealed part of the Federal government’s plan to protect Australians from future breache...
Troy Hunt scours the dark web for your stolen data — but he's just trying to help
by By Julian Fell on September 22, 2023
He's just "a dude on the web", but Troy Hunt has ended up playing an oddly central role in global cybersecurity. In April, the US Federal Bureau of …
Pizza Hut says nearly two-hundred thousand customers affected by data breach
by By Caitlin Rawling on September 21, 2023
Nearly 200,000 Pizza Hut Australia customers have had their data leaked, following a cyber attack earlier this month. On Wednesday, a spokesperson for …
Medibank incurred $7.5 million in direct tech costs after cyber attack
by Richard Chirgwin on September 21, 2023
Medibank has revealed a breakdown of its $46.4 million data breach expense amount incurred after a high-profile cyber incident last year. In the …
Post Title
on September 20, 2023
Digital ID legislation lands at last
by Richard Chirgwin on September 20, 2023
The federal government has introduced digital identity legislation to parliament, with the ACCC named in it as the preferred digital ID regulator. In …

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Featured

Incident: Dymocks warns customers of data breach after account information leaked on dark web | ABC News (Australia)

Featured

Incident: Defence Housing Australia investigates third-party provider hack exposure | iTnews

Incident: Pizza Hut Australia leaks one million customers' details, claims ShinyHunters hacking group | Bitdefender

Incident: University of Sydney caught up in third-party data breach | iTNews

Incident: Thousands of donors to Australian charities, including Cancer Council and Canteen, have data leaked to dark web | ABC News (Australia)

Featured

Audit: NSW's local government audit found that 47% of councils did not have a cyber security plan | kirbyidau.com

Featured

Audit: Australian Senate Estimates reveals 435 Chinese-made surveillance devices found at defence sites

Audit: Western Australia Auditor General's Local Government Information Security Audit 2021-22 reports 324 control weaknesses

Audit: Western Australia Auditor General's State Government Information Systems Audit 2021-22

Audit: Queensland Audit Office's State Entities 2022 reports deficiencies in information systems

Featured

Quote: Meera Srinivasan "Home is where the Heart is ..."

Featured

Quote: Chinese Proverb "When planning for a year, plant corn. When planning..."

Quote: Elijah Shaw "In the battle of real world vs..."

Quote: Kirsten Manthorne "You are an essential ingredient in our ongoing effort to reduce Security Risk.”

Quote: H. Stanley Judd "The ultimate security is your understanding of reality."

Incident: Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment | ABC News (Australia)

Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment

Conti claims to have stolen more than 300 gigabytes of data in this attack