Incident: NAB reveals 13,000-person data breach at 6PM Friday | iTnews

Incident: NAB reveals 13,000-person data breach at 6PM Friday | iTnews

Australian Information Security Incident Reported: July 26  2019

NAB reveals 13,000-person data breach at 6PM Friday

Dataset uploaded to the servers of two service providers. And not burying news, promise.
Reported in: iTnews

NAB disclosed a data breach late Friday after a dataset containing the personal details of approximately 13,000 customers was uploaded to the servers of “two data service companies”.

Chief data officer, Glenda Crisp, said the compromised data “included customer name, date of birth, contact details and in some cases, a government-issued identification number, such as a driver’s licence number.”

Crisp attributed the issue to “human error”.

 

Source: NAB reveals 13,000-person data breach at 6PM Friday
Company Statement: NAB apologises to customers for data breach (inc. Video)
Audit: CBA to ‘substantially’ overhaul privacy under OAIC undertaking | iTnews

Audit: CBA to ‘substantially’ overhaul privacy under OAIC undertaking | iTnews

Australian Information Security Audit Report June 27 2019

CBA has 90 days to submit plans.

Reported in: iTnews

The Office of the Australian Information Commissioner (OAIC) has accepted a court-enforceable undertaking from the Commonwealth Bank of Australia (CBA) in the wake of investigations into issues with the bank’s handling of customer data.

As part of the undertaking, CBA now has 90 days to develop and submit to the OAIC a work plan and timetable of work to meet address its privacy obligations, including a review of its policies, procedures and data retention standards, while also providing staff training to ensure compliance.

“CBA must also assess its IT services and systems to make sure it takes appropriate steps to control access to customers’ personal information,” the OAIC said.

Incident: Aussie ‘hacker’ jailed for unauthorised access and insider trading | ZDNet

Incident: Aussie ‘hacker’ jailed for unauthorised access and insider trading | ZDNet

Australian Information Security Incident Reported: June 25 2019

The IT consultant has been sentenced to three years in prison.

An Australian IT consultant has on Tuesday been sentenced to three years imprisonment after pleading guilty to a total of 11 charges for insider trading, unauthorised access to data with the intention to commit a serious offence, and the alteration of electronic devices required by the Australian Securities and Investments Commission (ASIC).

According to a statement from ASIC, Steven Oakes hacked into the private computer network of Melbourne-based financial publisher Port Phillip Publishing (PPP) between January 2012 and February 2016.

Source: Aussie ‘hacker’ jailed for unauthorised access and insider trading.

Incident:  Almost 100,000 Australians’ private details exposed in attack on Westpac’s PayID | SMH

Incident: Almost 100,000 Australians’ private details exposed in attack on Westpac’s PayID | SMH

Australian Information Security Incident Reported: June 03 2019

The private details of almost 100,000 Australian bank customers have been exposed in a cyber attack on the real-time payments platform PayID, which allows the instant transfer of money between banks using either a mobile number or email address.

The bank confirmed the incident late on Monday but did not say how many Australians had been affected.

It’s unclear who now has pilfered PayID information and what they intend to do with it.

Source: Almost 100,000 Australians’ private details exposed in attack on Westpac’s PayID

 

Incident: Australian cyber lead impersonated in remote access scam | iTnews

Incident: Australian cyber lead impersonated in remote access scam | iTnews

Australian Information Security Incident Reported: May 09 2019

Scammers impersonating federal government cyber security officials are attempting to coax individuals into compromising computers and revealing bank information.

The Australian Cyber Security Centre (ACSC) said the scammers were calling individuals on the false premise that their “computer has been infected or hacked” in a bid to “coax individuals into actions that could compromise computers or reveal bank information”.

ACSC states “The Australian Cyber Security Centre will never contact you by phone to request access to your computer, ask you to install software, transfer money or request financial information.”

Source: Govt cyber lead impersonated in remote access scam – Security – iTnews

Incident: Landmark White home loan details of 100,000 customers hacked in major data breach | Brisbane Times

Incident: Landmark White home loan details of 100,000 customers hacked in major data breach | Brisbane Times

Australian Information Security Incident Reported: February 12 2019

The nation’s biggest banks are scrambling to contact up to 100,000 customers who may have been caught up in a major data breach at property valuation firm, LandMark White.

The breach, which LandMark White first revealed late on Friday, “could” include property valuations and personal contact information of home owners, residents, and property agents, including first and last names, residential addresses and contact numbers.

Source: Home loan details of 100,000 customers hacked in major data breach

Source: Landmark White’s stolen data re-appears on dark web
ome loan details of 100,000 customers hacked in major data breach