Incident: Aussie ‘hacker’ jailed for unauthorised access and insider trading | ZDNet

Incident: Aussie ‘hacker’ jailed for unauthorised access and insider trading | ZDNet

Australian Information Security Incident Reported: June 25 2019

The IT consultant has been sentenced to three years in prison.

An Australian IT consultant has on Tuesday been sentenced to three years imprisonment after pleading guilty to a total of 11 charges for insider trading, unauthorised access to data with the intention to commit a serious offence, and the alteration of electronic devices required by the Australian Securities and Investments Commission (ASIC).

According to a statement from ASIC, Steven Oakes hacked into the private computer network of Melbourne-based financial publisher Port Phillip Publishing (PPP) between January 2012 and February 2016.

Source: Aussie ‘hacker’ jailed for unauthorised access and insider trading.

Incident: Electronic medical records locked down as cyber-hackers target hospitals | Nine News

Incident: Electronic medical records locked down as cyber-hackers target hospitals | Nine News

Australian Information Security Incident Reported: June 22 2019

The IT system across Eastern Health, which manages hospitals such as Box Hill and Maroondah, has been the target of a mystery cyber attack. The issue was immediately contained and there was no loss of data from the computer network.

Eastern Health says all computer systems are back up and running and has assured the public there has been no privacy breaches relating to patient information.

Source: Electronic medical records locked down as cyber-hackers target hospitals

Eastern Health Media Statement:  Computer outage experienced by Eastern Health (PDF)

Eastern Health Website Statement: Computer outage experienced by Eastern Health

Incident: Fears customer details stolen in Geelong Port cyber attack | Infrastructure Magazine

Incident: Fears customer details stolen in Geelong Port cyber attack | Infrastructure Magazine

Australian Information Security Incident Reported: June 18 2019

Geelong Port has been the subject of a cyber attack, resulting in a data breach of its electronically stored information such as visitor induction names and driver licences.

The investigation has found that on or about 18 April 2019, a GeelongPort employee’s email account was breached causing the account’s contents to potentially be exposed to an unknown third party.

Source: GeelongPort cyber attacked

Geelong Website Statement:  Geelong Port Notification of Eligible Data Breach

Audit: Vic public health ‘highly vulnerable’ to Singapore-like data breach | iTnews

Audit: Vic public health ‘highly vulnerable’ to Singapore-like data breach | iTnews

Australian Information Security Audit Report May 29 2019

Four health services audited, all four exploited.

Reported in: iTnews

An auditor-general report released Wednesday exposed widespread security weaknesses and vulnerabilities that it said left patient data at risk.

“There are key weaknesses in health services’ physical security, and in their logical security, which covers password management and other user access controls.

The audit covered Barwon Health, the Royal Children’s Hospital, the Royal Victorian Eye and Ear Hospital and two different areas of the Department of Health and Human Services (DHHS).

In all four agencies, the auditor-general’s team was able to exploit weaknesses and access patient data.

Incident: Victorian Government employees’ details stolen in data breach | ABC News (Australia)

Incident: Victorian Government employees’ details stolen in data breach | ABC News (Australia)

Australian Information Security Incident Reported: January 01 2019

The work details of 30,000 Victorian public servants are stolen in a data breach, after part of the Victorian Government directory is downloaded by an unknown party.

The list is available to government employees and contains work emails, job titles and work phone numbers.

Employees affected by the breach were told in an email their mobile phone numbers may have also been accessed if they had been entered into the directory.

“Because of this incident you may experience increased phishing, spam and social engineering attempts via your work email address and telephone numbers,” the email notifying the employees read.

Source: Victorian Government employees’ details stolen in data breach

Vic Building Authority exposes MongoDB instance | iTnews

Australian Information Security Incident Reported: December 24 2018

The Victorian Building Authority has confirmed that it left a 30GB MongoDB instance containing half a million records exposed to the internet.

The database, which was uncovered by security researcher Bob Diachenko, contained “API request logs and practitioners details, such as names, addresses, mobile phone numbers, certificate numbers and more”.

Source: Vic Building Authority exposes MongoDB instance