Incident: Aussie banks warn customers after fresh PayID data breach | iTnews

Incident: Aussie banks warn customers after fresh PayID data breach | iTnews

Australian Information Security Incident Reported: August 21 2019

Aussie banks warn customers after fresh PayID data breach

‘Client-side technical issue’ blamed for latest disclosure.

Reported in: iTnews

Banks have started warning customers of a fresh data breach involving PayID records that was reported to new payments platform overseer NPP Australia late Friday.

NPP Australia said that an undisclosed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into the NPP by Cuscal Limited.”

“The affected data included PayID name and account numbers. However, the spokesperson said that “no financial transactions took place in this process and the issue has been remediated”

Source: Aussie banks warn customers after fresh PayID data breach

Incident: Air NZ Airpoints customers caught in phishing scam| Otago Daily Times

Incident: Air NZ Airpoints customers caught in phishing scam| Otago Daily Times

New Zealand Information Security Incident Reported: August 09 2019

Air NZ Airpoints customers caught in phishing scam

‘We have secured the two affected accounts and are conducting a thorough investigation’ ANZ

Air New Zealand is telling Airpoints members some of their personal information has been caught in a phishing scam.
While Airpoints accounts, passwords and credit card details were not accessed, the airline says some information relating to membership profiles may have been compromised.

The airline’s loyalty scheme has about two million members but the number affected is unclear.

Source: Air NZ Airpoints customers caught in phishing scam

Incident: Auckland’s Rosehill College deletes pupils’ personal data from their own laptops | Stuff.co.NZ

Incident: Auckland’s Rosehill College deletes pupils’ personal data from their own laptops | Stuff.co.NZ

New Zealand Information Security Incident Reported: August 08 2019

Auckland’s Rosehill College deletes pupils’ personal data from their own laptops

The school website states all students must have a digital device as a “necessary learning tool”

A school which requires pupils to buy their own digital devices has come under fire after all data was deleted from students’ laptops during a school-mandated software update.

The newsletter, which was emailed to parents, did not mention data would be deleted from devices during the software update. However, the “e-learning” section of the school’s website, which the newsletter contained a link to, warned any material saved on the Chromebook’s hard-drive should be moved to the student’s GoogleDrive account.

Blakely said the school was yet to receive any complaints about deleted files but she encouraged parents to contact the school to discuss any problems that may have arisen from the software update.

Source: Auckland’s Rosehill College deletes pupils’ personal data from their own laptops

Incident: TAFE NSW staff details stolen after computer systems allegedly hacked | 9News

Incident: TAFE NSW staff details stolen after computer systems allegedly hacked | 9News

Australian Information Security Incident Reported: August 08 2019

TAFE NSW staff details stolen after computer systems allegedly hacked

Around 30 employees have not been paid on time after having personal information stolen in what TAFE NSW said was a “targeted phishing attack”.

Reported in: 9 News

Computer hackers have allegedly breached TAFE NSW’s payroll system and stolen bank details of at least two dozen staff, TAFE and a victim of the hack said.

“These credentials were used to access employee self service functions within the payroll system and alter bank details,” he told nine.com.au. “The attempt was discovered quickly and measures immediately put in place to stop fraudulent payments.

“TAFE NSW is working with Cyber Security NSW and the NSW Police Cyber Crime unit to identify the source of the breach and to ensure it doesn’t happen again.

Source: TAFE NSW staff details stolen after computer systems allegedly hacked

Incident: Thousands of Australian medical histories exposed in data breach | SMH

Incident: Thousands of Australian medical histories exposed in data breach | SMH

Australian Information Security Incident Reported: August 07 2019

Thousands of Australian medical histories exposed in data breach

UpGuard uncovered Neoclinical’s unsecured database on the internet

Reported in: SMH

Tens of thousands of Australians have had their medical histories and other private information exposed in a large data breach of a company that enabled them to participate in paid clinical trials.

The database belonging to Neoclinical exposed approximately 37,000 people’s contact information and their responses to personal medical questions qualifying them for clinical trials, which included information about diagnoses, illicit drug use and treatments.

Source: Thousands of medical histories exposed in data breach

Incident: Thieves steal laptops with 30 years of data from University of Western Australia | iTnews

Incident: Thieves steal laptops with 30 years of data from University of Western Australia | iTnews

Australian Information Security Incident Reported: July 28  2019

Thieves steal laptops with 30 years of data from University of Western Australia

Reported in: iTnews

Thieves broke into the University of Western Australia and stole an undisclosed number of laptops containing “fragmented” student data stretching back 30 years.

Vice-Chancellor Professor Dawn Freshwater said in an email to students that the laptops contained “fragmented data relating predominantly to people who applied to study at UWA between 1988 and January 2018” stored locally on the machines. “The bulk of this data relates to Australian citizens or residents and includes tax file numbers (TFN) and student identification numbers, and in these cases while some names and contact information are spread across the laptops, they are not directly linked to the TFNs or student IDs,” she said.

International students that applied to study at UWA “between September 2014 and December 2018” had a wider variety of information stored on the stolen machines, included personal details, passport numbers, and Visa status and numbers.
 

Source: Thieves steal laptops with 30 years of data from University of Western Australia
University Statement: Computer theft / Data-loss notification