Incident: Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment | ABC News (Australia)
Australian Recruitment Ransomware Incident,
18 December 2021
Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment
Conti claims to have stolen more than 300 gigabytes of data in this attack
A long list of businesses, banks and government agencies were caught up in the leak by way of their ties with Finite, including Westpac, ME Bank, Coles, Adairs, AMP, Suez Australia, NBN Co and the departments of Defence, Home Affairs and Health.
IT recruitment firm Finite Recruitment has confirmed it experienced a cyber incident in October, which resulted in a “small subset” of the company’s data being downloaded and published on the dark web.
Hackers have accessed and released sensitive data that includes resumes, offers of employment, contracts, timesheets and vaccine certificates, with the likely goal of extracting a ransom.
Some of Finite Recruitment’s clients contacted by the ABC said they were aware of the leak, while others had not been notified.