Australian Cyber Aware Cyber Incidents Listing
This listing tracks reported cybersecurity incidents across Australia and New Zealand, offering a clear, practical view of the real threats facing organisations today. While major international and high-profile Australian incidents often dominate headlines, many everyday cyber events go largely unnoticed—creating an awareness gap for businesses seeking to understand the risks they genuinely face.
From data breaches to ransomware attacks, each entry shows how cyber risks are materialising in real-world environments across a wide range of sectors and organisation sizes. The purpose is simple: to increase awareness, promote transparency, and help organisations and individuals better understand the nature and frequency of local incidents.
By tracking patterns, trends, and impacts over time, this resource supports stronger risk management, improved preparedness, and more informed, defensible security decisions.
Claim Status: Confirmed = Acknowledged by organisation/public statement/regulator | Published = Published in mainstream or reputable media | Claim = Leak-site claim only, unverified | Withdrawn = The claim has been withdrawn | Denied = The victim has formally denied the claim | Unknown = No corroborating evidence has been found
NOTE: Claimed, withdrawn, denied, and unknown listings may be extortion events with no factual basis to believe that an actual incident occurred.
July 2026
Claim 02-Jul-26 AU NSW
Unconfirmed: Qilin Ransomware Strikes Pennant Hills Golf Club
A newly surfaced victim listing naming Pennant Hills Golf Club shows how ransomware operators turn public exposure into pressure, even when the underlying compromise has not been independently established.
June 2026
Confirmed 30-Jun-26 AU NSW
Ernst and Young staff sacked after Anthony Albanese’s private banking information allegedly breached
Two Ernst and Young employees have been sacked after Prime Minister Anthony Albanese’s personal banking information was allegedly breached while the pair worked for the accounting firm at the Commonwealth Bank.
Published 25-Jun-26 AU NSW
Exclusive: NSW Rural Fire Service warns members of ‘cyber security incident’
The commissioner of the NSW Rural Fire Service (RFS) has warned members of the RFS that it has become “aware of a cyber security incident involving our ICT systems”. The incident had not impacted the RFS’s operational response capability, but said that some data may have been compromised.
Confirmed 24-Jun-26 AU QLD
Six men charged over alleged insider fraud plot against construction giant Shadforth
Queensland police launched an investigation in May last year after Shadforth received an anonymous letter alleging Mr Martin and Mr Larson were colluding to access sensitive information about Shadforth’s live tender submissions.
Published 23-Jun-26 AU ACT
Exclusive: National Portrait Gallery of Australia investigating data breach claims
Threat actor 2019 posts alleged National Portrait Gallery customer and client data to undergound hacking forum; names, emails, and location data potentially compromised.
Published 22-Jun-26 AU VIC
Exclusive: Victorian RV dealer suffers alleged cyber attack
Southern Design RV, a Ballarat, Victoria-based dealer specializing in new and used Australian-made caravans, has been listed as a victim by the emerging cybercrime group CMD Organization. The threat actor claims to have exfiltrated sensitive customer data, including names, addresses, emails, phone numbers, and purchase details, which it has posted as a sample on its leak site.
Confirmed 19-Jun-26 AU QLD
ALS Restores Operations After Cyberattack as Data Exposure Review Intensifies
ACTOR-DRIVEN disruption at ALS Limited, an Australian laboratory testing and inspection company, is exposing the operational and data security risks facing critical service providers after the firm restored most of its systems following a cyber incident while continuing to assess potential data impacts.
Published 19-Jun-26 AU VIC
Exclusive: 2019 claims alleged cyber incident on Melbourne weight-loss clinic
Notorious threat actor 2019 listed the clinic on an infamous hacking forum, claiming to have stolen data from over 28,000 patients across over 300,000 records at Elina Medical Weight Loss Clinic in Melbourne.
Published 18-Jun-26 AU, NZ
Exclusive: Harcourts allegedly hacked by SafePay ransomware
Major Australia-based real estate firm Harcourts has allegedly suffered a cyber incident after threat actors listed the company on their dark web leak site.
Published 18-Jun-26 AU VIC
Exclusive: Qilin ransomware claims hack of Aussie K-12 tutoring provider
The Qilin ransomware-as-a-service operation has listed a Victoria-headquartered online tutoring company, Kinetic Education, as a victim on its darknet leak site.
Denied 17-Jun-26 AU NSW
NSW government disputes alleged data breach
The New South Wales Government has shut down claims that it was hit by a data breach after a ransomware group leaked an alleged sample of 200GB in stolen data to the dark web.
Confirmed 16-Jun-26 AU
Exclusive: Hacker uses Productivity Commission breach to bully journos
The Australian Productivity Commission has confirmed an incident in which emails were sent out from its noreply email address that appeared to have been sent by a threat actor.
Confirmed 12-Jun-26 AU ACT
Exclusive: Ochre Health confirms patient data from its Tuggeranong clinic potentially compromised
The medical records, including Medicare numbers and DVA numbers, of potentially more than 25,000 patients of ACT-based Ochre Medical Centre Tuggeranong have been sold by a 2019 ransomware group online after a prolific hacker breached an unnamed third-party provider.
Confirmed 12-Jun-26 AU
Exclusive: One Nation blames “fearful Labor goons” for DDoS site crash
A spokesperson for Pauline Hanson’s One Nation has taken to Facebook to explain why the party’s donation website was down today. “Deliberate DDoS attack”.
Denied 12-Jun-26 AU
Exclusive: Australian Medical Council denies ransomware attack in wake of false claim
The Australian Medical Council (AMC) has said it was not the victim of a ransomware attack after it was listed as a victim on the darknet site of the ThreeAM hacking group.
Confirmed 11-Jun-26 AU SA
Parents warned after ‘cyber security breach’ at South Australia’s Reynella East College
A cyber security incident has taken the IT systems of a South Australian school, Reynella East College, offline for at least several days, a letter from the state’s Department of Education has warned.
Confirmed 11-Jun-26 AU WA
Student data compromised in second University of Western Australia data breach in 6 months
The University of Western Australia has disclosed it has been the victim of a data breach after access credentials for its Callista database were accidentally shared online.
Confirmed 10-Jun-26 AU QLD
Cyber attack shuts down two Mackay Sugar mills
Advocacy group Canegrowers confirmed on Wednesday the incident had shut down Mackay Sugar‘s milling and cane haulage across the Farleigh and Racecourse mills just outside Mackay, both of which had started crushing within the past week.
Published 10-Jun-26 AU NSW
Exclusive: 2019 claims breach of Australian lingerie retailer
In a post on a notorious hacking forum made earlier this month, threat actor 2019 claimed to have breached DeBra’s, saying that they exfiltrated 196,800 customer records and 1.2 million order records.
Published 10-Jun-26 AU QLD
Exclusive: Qilin targets Qld healthcare provider, but gets a bit confused
Qilin listed The Banyans Healthcare, an entity it called The Banyans Health and Wellness, on 8 June, and while the hackers shared few details (no evidence, no ransom demand, nor any idea of the volume of data allegedly compromised). The actual breach appears to be at Banyans Medical Centre and Specialist Clinics, which is investigating the incident.
Published 09-Jun-26 AU NSW
Exclusive: Napoleon Perdis allegedly breached following threat actor claims
Australian luxury make-up and cosmetics brand Napoleon Perdis has allegedly suffered a cyber incident after a threat actor claimed responsibility for breaching the company.
Published 09-Jun-26 AU VIC
Exclusive: Aussie farming group launches investigation following Qilin cyber attack claims
Late last month, Tripod Farmers was listed online by the Qilin ransomware group. According to threat feeds observed by Cyber Daily, the incident occurred around 17 February 2026, suggesting that the threat actor has had access for an extended period.
Published 09-Jun-26 AU NSW
Exclusive: 2019 claims cyber incident on Aussie ASX and financial market research firm
Over the weekend (6 June), threat actor 2019 listed Kalkine Media on an infamous cyber crime forum, claiming to have stolen the personal data of over 2,900 customers.
Published 09-Jun-26 AU NSW
Exclusive: Hacker claims breach of Aussie travel agency, FirstClass, 53k customers potentially impacted
2019, a prominent member of a popular underground hacking forum, said in a June 3 post they had gained access to the data of more than 53,300 customers of luxury travel website, FirstClass.com.au.
Denied 05-Jun-26 AU
Exclusive: Centrelink denies hacker claims of cyber attack
A threat actor with a reputation for targeting Australian entities has claimed a cyber attack on government service Centrelink, a claim Centrelink says is false.
Confirmed 04-Jun-26 AU NSW
Australia luxury lifestyle brand Camilla confirms cyber incident
Australian luxury and lifestyle fashion brand Camilla has confirmed a cyber incident, leading to company data theft by a threat actor.
Confirmed 04-Jun-26 AU NSW
Exclusive: MMJ Real Estate allegedly hacked, 17.3k customer records potentially compromised
The personal data of more than 17,300 clients of Australian estate agent MMJ Real Estate has potentially been exposed in a data breach.
Confirmed 03-Jun-26 AU VIC
Exclusive: Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised
A hacker going by the name of 2019 has published what they claim is the personal data of more than 25,000 customers of the Australian Centre for the Moving Image (ACMI) to a hacking forum.
Published 02-Jun-26 AU NSW
Exclusive: Aussie workplace catering firm Hampr suffers alleged 360k record data breach
The Hampr records come in two parts. The first contains customer IDs, names, mobile phone numbers, and account details, while the second part contains dietary information, payment details, billing information, and workspace details.
Confirmed 01-Jun-26 AU VIC
Hacked! Melbourne International Film Festival responding to cyber incidents
The Melbourne International Film Festival has said it is responding to a pair of cyber incidents that have affected its 340 000 customers’ data.
Confirmed 01-Jun-26 AU NSW
Exclusive: VSP Solutions responding to Stormous ransomware attack
Aussie video security firm VSP Solutions says it has contained the incident after hackers claimed to have stolen and published 40 gigabytes of company data.
May 2026
Confirmed 28-May-26 AU QLD
Exclusive: Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack
Queensland-based firm Kennedy McLaughlin says it has notified impacted individuals as hackers publish client financial and banking data online.
Published 28-May-26 AU VIC
Exclusive: Victorian retail logistics firm allegedly breached by DragonForce
QLS Group is a large appliance logistics services provider. DragonForce ransomware gang claims to have exfiltrated 554.65 gigabytes of data.
Published 27-May-26 NZ
Exclusive: New Zealand’s Alpha Group Holdings allegedly hacked
The Qilin ransomware group have claimed to have “sensitive data” from Auckland-based health supplement producer, Alpha Group Holdings
Published 26-May-26 AU VIC
Exclusive: Marketing and merchandise firm Branded Products listed by Qilin ransomware
A Melbourne-based branded merchandise supplier, Branded Products, has been listed as a victim of hacking by the Qilin ransomware-as-a-service operation.
Published 25-May-26 AU VIC
Exclusive: Victorian regional newspaper allegedly hacked by ransomware group
The Brain Cipher ransomware group has listed The Adviser – a newspaper and media outlet serving the Shepparton area in regional Victoria – as a hacking victim on its darknet leak site.
Confirmed 24-May-26 AU WA
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid.
Confirmed 22-May-26 AU NSW
State Library of NSW responding to April cyber intrusion
The State Library of NSW has said it expects to have its full range of services back online by 29 May, as it continues to handle the fallout from an April cyber incident.
Confirmed 19-May-26 AU VIC
Exclusive: Major cleaning and facility services firm confirms third-party cyber incident
Major private cleaning and facility services firm Menzies Group has confirmed a cyber incident that occurred after a third-party IT provider was breached.
Published 17-May-26 AU VIC
Exclusive: INC Ransom claims cyber attack on Australian engineering service company
Threat actors INC Ransom have claimed responsibility for a cyberattack on an Australian engineering solutions company, Metaval, and are threatening to publish data they allegedly exfiltrated.
Published 15-May-26 AU VIC
Exclusive: Hospitality IT provider allegedly breached by Qilin
Bluize is an IT supplier of hospitality solutions for pubs, bars, restaurants, and gaming venues. Threat actor Qilin has claimed responsibility for a cyberattack on an Australian hospitality and gaming industry supplier, having listed the firm on the dark web.
Published 17-May-26 AU NSW
Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims
The Australian College of Business Intelligence (ACBI) has said it is aware of claims by the ransomware group Qilin and is actively investigating a potential cyber incident.
Confirmed 14-May-26 AU TAS
Exclusive: Tassie hospitality group confirms CMD Organisation ransomware attack
A new hacking group targets Devonport-based Goodstone Group, compromising employee passports in the attack.
Confirmed 13-May-26 AU WA
Scope Systems confirms cyber incident, says no data loss occurred
Western Australia-based software deployment specialist and reseller Scope Systems has disclosed a cyber incident but said no data loss occurred. The company posted a statement on 6 May, confirming that it had detected malicious activity.
Published 12-May-26 AU VIC
Exclusive: Aussie firm Earth Systems listed by INC Ransom hacking group
The hackers INC Ransom listed the Victoria-based Earth Systems in a 7 May post to their darknet leak site, claiming to have stolen at least 600 gigabytes of company data, including, according to INC Ransom, “full corp data, nda client contract project” information.
Confirmed 12-May-26 AU VIC
Institute of Public Accountants members hit by data breach
Members of the Institute of Public Accountants received an email last week after the names and member numbers were leaked. The body has stressed that the breach did not include any personal information.
Published 11-May-26 AU NSW
Exclusive: Aussie toy distributor listed by M3rx ransomware
“An Australian toy distributor KB Toys, with an extensive eBay presence is the latest Australian victim claimed by a newcomer ransomware gang, M3rx.
Ransomware notification sites claim to have exfiltrated 140 gigabytes of data, spanning nearly 37,000 files.”
Published 11-May-26 AU NSW
Exclusive: Australian Computer Society investigating possible breach after ShinyHunters hack claims
The Australian Computer Society (ACS) has responded to claims made by the hackers behind last week’s Instructure education breach.
Published 07-May-26 AU QLD
Exclusive: Aussie car parts importer Strategic Imports allegedly breached by threat actors
Threat actors have claimed responsibility for a cyberattack on a Queensland automotive parts importer, Strategic Imports, alleging they exfiltrated data from its network.
Confirmed 07-May-26 AU QLD
Qld gov says students, staff caught in Canvas cyber incident
Education Queensland says that students and staff working or studying at state schools since 2020 may have been caught up in a breach of the global education systems vendor, Instructure. Multiple institutions, including RMIT University, UTS, TasTAFE Tasmania and Western Sydney University, were urgently assessing their potential exposure to the incident.
Confirmed 06-May-26 AU QLD
Hacked: ALS discloses cyber incident, unauthorised access to IT systems
Queensland-based scientific testing company ALS recently reported to the ASX that it “identified malicious cyber activity involving unauthorised third-party access to some of our IT systems.” No details are available on the incident.
Published 06-May-06 AU NSW
Exclusive: Australian energy management firm allegedly breached by SafePay
Threat actor SafePay has claimed responsibility for a cyberattack on an NSW energy management and consulting firm, Energy Action, threatening to release allegedly stolen data within a number of days.
Confirmed 05-May-26 AU NSW
Exclusive: Champion Homes confirms customer data compromised in ‘cyber event’
Australian home builder Champion Homes has confirmed it was recently the victim of a cyber attack that exposed a limited amount of employee and customer data. DragonForce ransomware operation threatened to publish a 44-gigabyte dataset on the dark web.
Confirmed 04-May-26 AU NSW
Exclusive: Major Australian jewellery brand confirms cyber incident
Gregory Jewellers is an Australian-owned retailer that specialises in fine jewellery, watches, and accessories. The company was listed on the Kairos ransomware gang’s dark web leak site, which claimed to have stolen 574 gigabytes of data from it.
Confirmed 04-May-26 NZ
Exclusive: Kiwi firm, McKay electrical contractor, confirms cyber attack
McKay, one of New Zealand’s largest privately owned electrical contractors, has confirmed it was the victim of a cyber attack in January, after it was listed as a victim on the darknet leak site of a newly emerged ransomware group.
Published 01-May-26 AU NSW
Exclusive: Prime Properties listed as breach victim by M3rx ransomware
Hackers are alleged to have stolen more than 80,000 documents totalling 100 gigabytes of data from a Sydney-based property investment firm, Prime Properties.
April 2026
Confirmed 29-Apr-26 NZ
NZ council cyber attack leads to ID and financial data being exposed
The Hutt City Council, located in the north island of New Zealand, reportedly suffered a phishing incident in March, leading to the identity data of five people and the financial information of as many as 732 people being exposed.
Confirmed 28-Apr-26 AU NSW
Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX
Financial services firm Generation Life has begun notifying customers of a potential data breach hours after its parent company, Generation Development Group, shared details of the incident in a report to the Australian Stock Exchange.
Confirmed 27-Apr-26 AU NSW
Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims
Major Australian ice-cream retailer Gelatissimo has launched an investigation into claims made by hackers that the company was breached in a ransomware incident.
Confirmed 23-Apr-26 AU SA
Exclusive: SA genealogical research firm Genealogy SA, confirms cyber incident following SafePay ransom claims
Threat actors have claimed to have hacked a South Australia-based non-profit, Genealogy SA, allegedly having stolen and published data.
Confirmed 22-Apr-26 NZ
Private healthcare provider IntraCare hit by cyber breach
IntraCare responded to a cyber incident involving unauthorised access to its network on Friday, 20 March 2026. Out of an abundance of caution, we decided to shut down our information technology (IT) systems and defer patient procedures for the week beginning 23 March. We communicated directly with those patients and affected specialists. Our services resumed on the 30th March.
Confirmed 21-Apr-26 AU NSW
Treasury staffer charged for NSW government data breach
In a statement released today (Tuesday, 21 April), the state government said that an NSW Treasury staff member was involved in the incident, which was discovered when a suspected data transfer to an outside party was detected.
Confirmed 17-Apr-26 AU NSW
Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group
Hackers claim to have stolen 441 gigabytes of data from Strata Republic, including internal correspondence, driver’s licence scans and revealing Christmas party photos.
Published 16-Apr-26 AU SA
Accused hacker allegedly targeted government departments, courthouse and gym, court hears
Payneham resident Aiden Wood, 22, appeared in the Adelaide Magistrates Court on Thursday after being charged with 12 hacking offences including operating a restricted access computer system and modifying computer data to cause harm or inconvenience.
Published 15-Apr-26 AU QLD
Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware
With seven locations, FriendlyCare Pharmacy was listed on the dark web leak site of the Kairos ransomware group, claiming to have stolen 113 gigabytes of data.
Confirmed 15-Apr-26 NZ
NZ racehorse auction stalled by cyber attack
The New Zealand Bloodstock National Online Yearling Sale, which is held on the Gavelhouse Plus platform, was delayed 24 hours after New Zealand Bloodstock confirmed the site suffered a cyber attack.
Claim 14-Apr-26 AU NSW
[Unconfirmed] Vitex Pharmaceuticals suffered a ransomware attack by LockBit 5.0 in April 2026, risking exposure of sensitive company data.
On April 6, 2026, the ransomware group LockBit 5.0 claimed responsibility for a cyberattack against Vitex Pharmaceuticals (vitexpharma.com), a leading Australian contract manufacturer specialising in vitamins. The group issued a statement threatening to release sensitive data unless their demands are met.
Claim 14-Apr-26 AU VIC
[Unconfirmed] The Gentlemen ransomware group claims to have hit Brand Collective in Australia
Brand Collective, identified as a leading Australian house of apparel, footwear, and sports brands operating across strategy, design, development, sales, supply chain, retail operations, e-commerce, and marketing, is listed as the victim in the post. The post is dated 2026-04-14 10:28:32 and presents Brand Collective as the subject of a ransomware-related leak.
Confirmed 14-Apr-26 AU NSW
Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims
Hackers have published customer and hardware data belonging to a Sydney-based firm, Mastercom, providing communications solutions to hundreds of businesses and local councils.
Confirmed 12-Apr-26 AU VIC
Exclusive: Aboriginal community organisation confirms cyber incident following INC Ransom claims
A Dja Dja Wurrung (Bendigo) based Aboriginal community centre, Bendigo & District Aboriginal Co-operative (BDAC), has confirmed a cyber incident following claims made by the INC Ransom threat group.
Published 12-Apr-26 NZ
Exclusive: Krybit hackers claim breach of New Zealand IT services provider
A newcomer to the ransomware scene has listed Kiwi company Dencom New Zealand as a victim on its darknet leak site, one of 16 victims the group has claimed to breach since it was first observed earlier this month.
Claim 10-Apr-26 AU VIC
[Unconfirmed] Ransomware group Qilin has claimed to have breached Australian building company Peuker & Alexander
The Victorian company Peuker & Alexander who manufactures roof trusses, wall frames, and posi-strut systems. No other sources have been found to confirm Qilin’s claim.
Published 10-Apr-26 AU QLD
Exclusive: Gunra ransomware lists Queensland Eric Davis Dental as breach victim
Hackers linked to the Gunra ransomware-as-a-service operation have listed Eric Davis Dental as a data breach victim on its darknet leak site, potentially compromising the medical data of hundreds of patients. Eric Davis Dental is aware of the hacker’s claims and doubts their veracity.
Published 10-Apr-26 AU NSW
Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom
Rx Management is a franchise network that manages a number of Pharmacy stores across New South Wales, Victoria and South Australia.
Denied 08-Apr-26 AU ACT
Exclusive: Aussie tech firm Seeing Machines confirms potential cyber security incident
Seeing Machines has not identified any relevant events in relation to the claim, nor has any unauthorised access to Seeing Machines systems or data has been identified at this time.
Confirmed 07-Apr-26 AU VIC
Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware
On 6 April 2026, Brooklands of Mornington was listed on the dark web leak site of the Space Bears ransomware group, which claimed to have stolen personal data belonging to both guests and staff, financial documents and “other files”.
Confirmed 04-Apr-26 AU WA
Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation
The Anubis ransomware operation is claiming to have exfiltrated 57 gigabytes of data, totalling more than 68,000 files from Shine Aviation, based in Western Australia.
Published 01-Apr-26 AU VIC
Exclusive: Cuddly toy maker Charlie Bears allegedly hacked
The hacking group LockBit has listed the popular children’s toy outlet Charlie Bears as a victim on its darknet leak site, claiming to have breached the company’s network.
March 2026
Published 10-Mar-26 AU NSW
Exclusive: SafePay ransomware claims hack of Smile Team Orthodontics
The SafePay ransomware group has listed an NSW-based dental practice, Smile Team Orthodontics, as a victim on its darknet leak site and has published a raft of documents stolen during the breach.
Confirmed 10-Mar-26 AU SA
Public health patient demands apology after private health info given to media
A second public health patient in a matter of days has raised concerns about how the SA health minister’s office used personal patient information to “background” journalists ahead of the publication of stories.
Confirmed 10-Mar-26 AU WA
WA government’s Microsoft 365 issues led to $71k being stolen, exposure of child data
In the case of the data breach, which resulted from an audited entity emailing the personal and sensitive data of roughly 32 people, children included, to a third-party service provider that stored it in a Dropbox, the OAG said the entity did not have data loss prevention (DLP) controls implemented and did not assess the security of the third-party entity
February 2026
Confirmed 24-Feb-26 NZ
Patient details changed to ‘deceased’ in major NZ health app hack
An apparent hack of medication platform MediMap has led to some alive patients being marked as deceased, and others labelled as ‘Charlie Kirk’
Confirmed 24-Feb-26 AU VIC
Fowl play: Aussie poultry processor confirms cyber attack, chicken shortages hit customers
An Australian chicken farmer and processor, Hazeldenes, has revealed it was the victim of a cyber attack that has caused serious production disruptions.
Confirmed 18-Feb-26 AU NSW
Hacker releases data after claiming to have accessed ‘hundreds of thousands’ of Aussies’ loans, driver’s licences
Australian fintech platform youX, a hacker claimed to have stolen data on 629,597 loan applications as well as 607,822 residential addresses and 444,538 personal details such as names and phone numbers and 229,236 driver’s licences.
Confirmed 18-Feb-26 AU NSW
Exclusive: Aeromedical Society of Australasia confirms cyber incident following LockBit ransomware claims
The Aeromedical Society of Australasia (ASA), an organisation devoted to “professionals in air medical transport services across Australia and New Zealand”, has allegedly been hacked by the LockBit 5.0 ransomware operation.
Published 17-Feb-26 AU WA
Exclusive: Qilin ransomware claims hack of Mount Barker Co-operative
Hackers have allegedly stolen 40 gigabytes of data from the West Australian food co-op, Mount Barker Co-operative, potentially compromising more than 50,000 files.
Confirmed 17-Feb-26 AU NSW
Exclusive: Aussie hospitality group confirms cyber incident, claimed by Kairos ransomware
An Australian hospitality company, Seagrass Boutique Hospitality Group, has confirmed that it suffered a cyber incident, following claims by a notorious hacking group that they launched an attack on the company’s network, exfiltrating data.
Confirmed 17-Feb-26 AU
Highly sensitive Australian court data accessed by foreign entity based in India
Highly sensitive Australian court files have been accessed by foreign actors in breach of the Federal and Commonwealth Law contractual obligations, an ABC investigation can reveal.
Claim 07-Feb-26 AU WA
[Unconfirmed] Ransomware group claims to have breached West Australian online retailer ETTO Australia
Clop ransomware group have claimed to have breached ETTO Australia. No information can be located in support of the claim.
Claim 07-Feb-26 AU VIC
[Unconfirmed] Ransomware group Clop has claimed to have breached an Australian environmental consultancy firm.
“Ransomware group Clop declared responsibility for a cyberattack on an environmental consultancy firm,
MRA Consulting Group. The group has threatened to release sensitive data to the public unless their demands are met. No evidence has been presented on the breach.”
Claim 07-Feb-26 AU WA
[Unconfirmed] Clop Ransomware Targets Podiatry WA in Australia
The claimed data breach at Podiatry WA, a professional association for podiatrists, was reported by the CL0P ransomware gang. No evidence has been presented.
Claim 07-Feb-26 AU WA
[Unconfirmed] Clop Ransomware Attack on RMW Group in Western Australia
Ransomware group Clop have claimed to have breached hospitality group RMW Hospitality. No evidence has been presented.
Claim 07-Feb-26 AU WA
[Unconfirmed] Clop ransomware group claims to have breached a Western Australian financial advisor.
The notorious ransomware group Clop claimed responsibility for a cyberattack against the West Australian-based Ventnor Equities & Advisory. Clop announced an intention to leak sensitive data unless its demands are met. No evidence has been presented.
Claim 07-Feb-26 AU VIC
[Unconfirmed] Clop Ransomware Strikes Roberts Designs in Australia
notorious ransomware group Clop claimed responsibility for a cyberattack against Roberts Designs Pty Ltd (robertsdesigns.com.au), a Victorian design firm. The attackers have threatened to release sensitive data unless their demands are met.
Claim 07-Feb-26 AU VIC
[Unconfirmed] Ransomware group Clop has claimed to have breached Victorian construction group Skye Excavations.
The ransomware group Clop has targeted Skye Excavations, an Australian construction company, with a ransomware attack. The group has threatened to release sensitive data unless negotiations are initiated. No evidence has been presented.
Denied 05-Feb-26 AU VIC
Exclusive: Epworth HealthCare finds no evidence of data breach as hackers allege 920GB stolen in ransomware attack
Epworth HealthCare, which operates several locations throughout Melbourne and Geelong, has found itself at the centre of another alleged data breach after the 0APT ransomware group claimed to have stolen almost a terabyte of data.
Published 03-Feb-26 AU
Exclusive: Cl0p cyber extortion group targets Australian IT providers and clients
The Cl0p cyber extortion group has listed a raft of alleged Australian victims on its darknet leak site, listing nine companies linked to IT service providers,Whole IT and NextPhaze.
January 2026
Published 27-Jan-26 NZ
Exclusive: NZ poultry producer allegedly hacked by Cl0p
Brinks NZ, a chicken and poultry producer, has allegedly suffered a ransomware attack after hackers listed the group on their dark web leak site.
Confirmed 27-Jan-26 NZ
Exclusive: NZ law firm investigating cyber attack
Langley Twigg Law is investigating cyber a incident as the Anubis ransomware operation takes credit for a hack allegedly impacting confidential client data.
Published 19-Jan-26 AU VIC
Exclusive: Aussie estate agency declines comment following email compromise claims
With real estate scams on the rise, the email address of a Melbourne property firm, Jalin Realty, has sent suspicious links to a number of recipients.
Confirmed 15-Jan-26 AU VIC
All 1,700 Victorian government schools caught up in cyber attack, student data accessed
The Victorian Department of Education has confirmed a major data breach affecting all 1700+ government schools. Hackers accessed the names, emails, and encrypted passwords of current and former students, impacting potentially hundreds of thousands of individuals just weeks before the new school year.
Confirmed 14-Jan-26 AU QLD
14th January 2026 Cyber Update: Prosura Breach Exposes 300,000 Customers
Australian car rental insurer Prosura has suffered a major data breach, exposing the personal and policy information of an estimated 300,000 customers. Attackers are now selling the stolen data identity data on a public forum after the company reportedly failed to meet their demands.
Published 09-Jan-26 NZ
New details emerge on New Zealand Health record hack
New Zealand Health has announced that it will be further investigating the cyber security breach of Manage My Health, a website holding medical records for nearly 2 million New Zealanders.
Published 08-Jan-26 AU QLD
Exclusive: Qld doctor’s office allegedly hacked by brutal ransomware gang
Anubis ransomware gang, claims to have exfiltrated Ladley Family Doctors‘ data including names, gender, date of birth, address, phone numbers, mobile numbers, Medicare details, medical history, medication details, incident reports and more.
Confirmed 08-Jan-26 AU VIC
Exclusive: Victorian Catholic college suffers alleged cyber attack
Victorian Catholic college St Joseph’s College Echuca has allegedly been breached by anotorious threat actor Lynx with the group claiming to have encrypted and breached the organisation’s network
Confirmed 07-Jan-26 AU WA
Exclusive: Major Australian gold producer confirms cyber attack
ASX-listed gold producer Regis Resources has confirmed a cyber incident targeting its network, after hackers claimed to have breached the company.
Claim 05-Jan-26 AU WA
[Unconfirmed] West Australia statutory authority, South West Development Commission, breach claimed
“Ransomware group Lynx publicly claimed responsibility for a cyberattack against
South West Development Commission. The group has threatened to leak sensitive data unless the organisation initiates negotiations.”
Currently Updating ETA July 2026
2019
Last Update: 2019-11-19T15:43:40.614Z
2016
TGI Fridays Delivers Customer Indigestion Over Data Exposure | Threatpost







































































