Select Page

Australian Cyber Aware – As It Was 2604 – April 2026

Australian Cyber Aware – As It Was 2604 – April 2026

Australian Cyber Away Monthly As It Was April 2026

This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during April 2026. It includes a cross-section of incidents, regulatory updates, audit findings, and broader industry developments relevant to business and government audiences.

The content is independently sourced from publicly available reporting and government publications, with the aim of supporting internal awareness and risk-informed decision-making. This report is free to use within organisations for awareness and education purposes; however, the “collection” remains the intellectual property of Australian Cyber Aware and must not be reproduced, redistributed, or republished without permission.

This post may be updated as more news or reports are discovered. The latest version can be accessed via the Australian Cyber Aware website.

Australian Cyber Aware - Flipboard

 

Commentary: It has been awahile since I’ve had the capacity to be able to be able to curate these summaries. There are some fundamental changes and simplifications of content that should make it easier to maintain going forward. For the interiumn I will not be doing individual incident reports but the website home page will have a listing of incidents and audit report.

So April 2026 was actually fairl busy on the inident front. I was able to track about 16 public disclose incidents, but have another 10 or so that I could not confirm, I have a track of all incidents but only publish the one’s I have some level of certainity about. A lot of ramsomware reports I think are more of scam/extortion attempts. The incident I saw with the most coverage, and relevant to us cyber professional and the insider threat risk was Treasury staffer charged for NSW government data breach.

Next month we’ll get back to adding the news clippings, for now they are accessiabel via the Flipboard link.

Please free to comment and provide suggestion.

YouTube player

Publicly Reported Incidents for April 2026

Claim Status: Confirmed = Acknowledged by organisation/public statement/regulator | Published = Published in mainstream or reputable media 

Confirmed 29-Apr-26 NZ
NZ council cyber attack leads to ID and financial data being exposed
The Hutt City Council, located in the north island of New Zealand, reportedly suffered a phishing incident in March, leading to the identity data of five people and the financial information of as many as 732 people being exposed.

Confirmed 28-Apr-26 AU NSW
Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX
Financial services firm Generation Life has begun notifying customers of a potential data breach hours after its parent company, Generation Development Group, shared details of the incident in a report to the Australian Stock Exchange.

Confirmed 27-Apr-26 AU NSW
Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims
Major Australian ice-cream retailer Gelatissimo has launched an investigation into claims made by hackers that the company was breached in a ransomware incident.

Confirmed 23-Apr-26 AU SA
Exclusive: SA genealogical research firm Genealogy SA, confirms cyber incident following SafePay ransom claims
Threat actors have claimed to have hacked a South Australia-based genealogy non-profit, allegedly having stolen and published data.

Confirmed 22-Apr-26 NZ
Private healthcare provider IntraCare hit by cyber breach
IntraCare responded to a cyber incident involving unauthorised access to its network on Friday, 20 March 2026. Out of an abundance of caution, we decided to shut down our information technology (IT) systems and defer patient procedures for the week beginning 23 March. We communicated directly with those patients and affected specialists. Our services resumed on the 30th March.

Confirmed 21-Apr-26 AU NSW
Treasury staffer charged for NSW government data breach
In a statement released today (Tuesday, 21 April), the state government said that an NSW Treasury staff member was involved in the incident, which was discovered when a suspected data transfer to an outside party was detected.

YouTube player

Confirmed 17-Apr-26 AU NSW
Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group
Hackers claim to have stolen 441 gigabytes of data, including internal correspondence, driver’s licence scans and revealing Christmas party photos.

Published 16-Apr-26 AU SA
Accused hacker allegedly targeted government departments, courthouse and gym, court hears
Payneham resident Aiden Wood, 22, appeared in the Adelaide Magistrates Court on Thursday after being charged with 12 hacking offences including operating a restricted access computer system and modifying computer data to cause harm or inconvenience.

Published 15-Apr-26 AU QLD
Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware
With seven locations, FriendlyCare Pharmacy was listed on the dark web leak site of the Kairos ransomware group, claiming to have stolen 113 gigabytes of data.

Confirmed 15-Apr-26 NZ
NZ racehorse auction stalled by cyber attack
The New Zealand Bloodstock National Online Yearling Sale, which is held on the Gavelhouse Plus platform, was delayed 24 hours after New Zealand Bloodstock confirmed the site suffered a cyber attack.

Confirmed 14-Apr-26 AU NSW
Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims
Hackers have published customer and hardware data belonging to a Sydney-based firm providing communications solutions to hundreds of businesses and local councils.

Confirmed 12-Apr-26 AU VIC
Exclusive: Aboriginal community organisation confirms cyber incident following INC Ransom claims
A Dja Dja Wurrung (Bendigo) based Aboriginal community centre has confirmed a cyber incident following claims made by the INC Ransom threat group.

Published 12-Apr-26 NZ
Exclusive: Krybit hackers claim breach of New Zealand IT services provider
A newcomer to the ransomware scene has listed Kiwi company Dencom New Zealand as a victim on its darknet leak site, one of 16 victims the group has claimed to breach since it was first observed earlier this month.

Published 10-Apr-26 AU QLD
Exclusive: Gunra ransomware lists Queensland Eric Davis Dental as breach victim
Hackers linked to the Gunra ransomware-as-a-service operation have listed Eric Davis Dental as a data breach victim on its darknet leak site, potentially compromising the medical data of hundreds of patients. Eric Davis Dental is aware of the hacker’s claims, and doubts their veracity.

Confirmed 07-Apr-26 AU VIC
Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware
On 6 April 2026, Brooklands of Mornington was listed on the dark web leak site of the Space Bears ransomware group, which claimed to have stolen personal data belonging to both guests and staff, financial documents and “other files”.

Confirmed 04-Apr-26 AU WA
Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation
The Anubis ransomware operation are claiming to have exfiltrated 57 gigabytes of data, totalling more than 68,000 files.

YouTube player
YouTube player
YouTube player

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Trackbacks/Pingbacks

  1. Australian Cybersecurity News for May 2026 – Canadian Cyber Watch - […] 04 May 2026Australian Cyber Aware – As It Was 2604 – April 2026This monthly review provides a curated summary…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Hacked! Royal Foods confirms cyber incident following The Gentlemen ransomware claims

Hackers behind the Mackay Sugar breach list Australian gourmet food supplier on darknet leak site. • Fri, 10 Jul 2026 • Security *]:clear-none … [...]

AUSCERT Week in Review for 10th July 2026

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has issued a critical alert following a large-scale cyber campaign … [...]

Telstra outage sends warning about dangers of future telecommunications attacks

Sky News host Jaimee Rogers says the Telstra outage is a warning for how dangerous a deliberate attack on Australia’s telecommunications could be. “Communications are critical infrastructure, so why aren't [...]

Telstra CEO says she is ‘deeply sorry’ for nationwide outage

The CEO of Telstra has returned from leave following the outage impacting its services, having now issued an apology for the issues caused. • Fri, 10 … [...]

Australian cyber security leader recognised with global AI ethics award

Maryam Shoraka has been named the 2026 Global Cybersecurity AI Ethics Woman of the Year, recognising her work at the intersection of cyber security … [...]

Cyber and Infrastructure Security Centre Website

Cyber and Infrastructure Security Centre Website Protecting Australia's Cyber and Infrastructure Security.​​​ [...]

Telstra outage: 'Software defect solution' in place after hundreds unable to call Triple Zero in outage

Telstra has implemented a fresh "solution" to resolve a secondary software defect that left hundreds of customers unable to make Triple Zero calls … [...]

Stolen Credentials Put Australia’s Critical-Infrastructure Defenses on the Clock

In critical infrastructure, the most dangerous breach is not always the one that breaks a firewall. Sometimes it is the one that looks like normal … [...]

Telstra outage fallout: Triple-Zero not fully restored, V/Line services still offline | ABC NEWS

Victoria's regional rail network remains at a standstill following a nationwide telecommunications outage yesterday that stranded commuters. Passengers are being urged not to travel on V/Line services if possible. Telstra [...]

Questions asked about telco regulation after Telstra suffers outage

Experts and advocates have demanded changes to how telecommunication companies are regulated and held accountable for outages after Telstra became … [...]

Scammers use AI image to target parents of WA missing man

Extortionists have sent the parents of a missing West Australian man an AI-generated image of their son and demanded thousands of dollars in exchange … [...]

Telstra outage halts regional train services in Victoria, NSW | ABC NEWS

A nationwide outage to Telstra services has caused all regional train services in Victoria to halt, as well as stopping two key branch lines in the NSW Southern Highlands and [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading