by Steven Kirby | Aug 9, 2019 | Data Breach, 🥝 New Zealand, In the Press, Phishing, Privacy Breach, Transport and Logistics
Air NZ Airpoints customers caught in phishing scam
‘We have secured the two affected accounts and are conducting a thorough investigation’ ANZ
Air New Zealand is telling Airpoints members some of their personal information has been caught in a phishing scam.
While Airpoints accounts, passwords and credit card details were not accessed, the airline says some information relating to membership profiles may have been compromised.
The airline’s loyalty scheme has about two million members but the number affected is unclear.
Source: Air NZ Airpoints customers caught in phishing scam
by Steven Kirby | Aug 8, 2019 | 9 News, Australia, Australian InfoSec Incidents 2019, Data Breach, Education and Training, Hacked, Phishing, Privacy Breach
TAFE NSW staff details stolen after computer systems allegedly hacked
Around 30 employees have not been paid on time after having personal information stolen in what TAFE NSW said was a “targeted phishing attack”.
Reported in: 9 News
Computer hackers have allegedly breached TAFE NSW’s payroll system and stolen bank details of at least two dozen staff, TAFE and a victim of the hack said.
“These credentials were used to access employee self service functions within the payroll system and alter bank details,” he told nine.com.au. “The attempt was discovered quickly and measures immediately put in place to stop fraudulent payments.
“TAFE NSW is working with Cyber Security NSW and the NSW Police Cyber Crime unit to identify the source of the breach and to ensure it doesn’t happen again.
Source: TAFE NSW staff details stolen after computer systems allegedly hacked
by Steven Kirby | Jul 28, 2019 | Australian InfoSec Incidents 2019, Data Breach, Education and Training, iTnews, Physical Security, Privacy Breach, Western Australia
Thieves steal laptops with 30 years of data from University of Western Australia
Reported in: iTnews
Thieves broke into the University of Western Australia and stole an undisclosed number of laptops containing “fragmented” student data stretching back 30 years.
Vice-Chancellor Professor Dawn Freshwater said in an email to students that the laptops contained “fragmented data relating predominantly to people who applied to study at UWA between 1988 and January 2018” stored locally on the machines. “The bulk of this data relates to Australian citizens or residents and includes tax file numbers (TFN) and student identification numbers, and in these cases while some names and contact information are spread across the laptops, they are not directly linked to the TFNs or student IDs,” she said.
International students that applied to study at UWA “between September 2014 and December 2018” had a wider variety of information stored on the stolen machines, included personal details, passport numbers, and Visa status and numbers.
by Steven Kirby | Jul 2, 2019 | ARN from IDG, Australian InfoSec Incidents 2019, Data Breach, Hacked, Insider Threat, Law & Legal, Police and Law Enforcement, Queensland, Unauthorised Access
Police officer facing computer hacking charges
Subject to an investigation after gaining access to confidential information
Reported in: ARN
The unnamed officer from the Ethical Standards Command has now been stood down from official duty with the force pending an investigation into allegations of unauthorised access to confidential information.
The police officer has been served with a notice to appear alleging one charge pursuant to section 408E, computer hacking and misuse, of the Criminal Code and will be due to appear in the Brisbane Magistrates Court on 25 July.
.Source: Police officer facing computer hacking charges
by Steven Kirby | Jun 27, 2019 | Australian InfoSec Incidents 2019, Computerworld Australia, Configuration, Data Breach, Education and Training, New South Wales, Privacy Breach
Sydney headquartered MEGT data breach exposed students passport details, education data
Education provider hit by sizeable data breach
Reported in: Computer World Australia
Sydney-headquartered MEGT provides recruitment, group training and payroll services. The breach is believed to have related to its international student education arm.
An open Amazon Web Services S3 bucket exposed sensitive data about international students, including passport scans, visa details, and education agreements.
The collection of tens of thousands of documents appeared to include invoices, placement documents, and copies of emails received by MEGT.
.Source: Data breach exposed students passport details, education data
by Steven Kirby | Jun 20, 2019 | Australian InfoSec Incidents 2019, Credit Card, Data Breach, Education and Training, Hacked, Privacy Breach, The West Australian, Western Australia
A West Australian school has been swept up in a “highly sophisticated” cyber security attack, understood to have scooped up the banking details of parent and guardians.
It’s understood a “significant amount of data” was taken from “institutions with a profile in financial services”, including Nagle Catholic College in Geraldton.
This leaked information could have included information relating to bank accounts, credit cards and signatures for the payment of school fees.
Source: Geraldton’s Nagle Catholic College swept up in cyber attack targeting parent banking details
