Category: Awareness

Last Week 24 – 30 April: With the extra free time I’ve rummaged through state government audit agencies sites looking for recent audits. I’ve added two from Western Australia and once from the best state Queensland. They are worth reading to remind us that independent audits are a valuable tool (ISO 27002 5.35 Independent review of information security). Have a great Privacy Awareness Week.

Reports from 17th April – 24th April: Last week TAFE SA incident where police in an unrelated investigation “found” a USB stick full of student registration and identity documents. A report from ASIC “ASIC’s report flagged inconsistencies in dealing with scams between Australia’s big four banks as a major issue” and the banking industries response makes good reading. Hopefully, it will drive a few changes.

Reports from 10th April – 17th April: Last week the deeps of the Latitude (Coles and GEMoney) and Tasmanian Government (GoAnywhere) breaches kept the news feeds busy. Another insider unauthorised access incident led to criminal charges relating to kidnapping. The general themes of stories we third-party risk management and unnecessary retention of data.

Reports from 3rd April – 9th April: More publicly reported breaches increasing the trend we are seeing this year now that the general media sees some new value in these stories. Canberra Health Services and Australian National Maritime Museum were both Insider Threat jobs (one fraud, the other unauthorised access and disclosure). Both are good reminders to tighten up your related internal controls. Tik Tok ban, Operation Cookie Monster and GoAnywhere are among the stories of the week.

Very busy week on the breach reporting front and generally more press coverage of all things cyber. The Latitude breach’s extent revealed over 14 million records stolen. It is still to be revealed if the Tasmanian Government File-Sharing breach was part of the GoAnywhere series

Australian Cyber News Summary July 2022: GrainCorp’s ransomware attack, Victoria privacy commissioner third-party controls weakness, Melbourne Port Phillip Prison hacked, Woolworths everyday rewards users bad password habits, Aus trading company ACY 60gb data breach, Deakin Uni privacy breach 47k student details, WA local governments audit concerns.

Australian Cyber News Summary June 2020: Post election cyber reporting continues with the number of news stories and incidents reports increasing again. Public outcry over facial recognition at Good Guys, Bunnings and KMart. Also 2 Incidents reports and 3 audit findings.

Australian Cyber News Summary March 2020: Federal Budget, Cyber Tax Breaks, Service NSW, Australian Federal Police, Telstra.
InfoSec, Information Security, Cyber Security, CyberSec