Category: Public Sector
Incident: Defence Housing Australia investigates third-party provider hack exposure | iTnews
Australian Defence Agencies Third-Party Breach, 07 September 2023. Defence Housing Australia and Department of Veterans’ Affairs investigates third-party provider hack exposure. The breached service provider was not identified.
Read More
Audit: NSW’s local government audit found that 47% of councils did not have a cyber security plan | kirbyidau.com
Australian Audit Failure June 13 2023: NSW’s local government audit found that 47% of councils did not have a cyber security plan. IT policies and procedures were outdated or not in place at 43 councils.
Read More
Incident: Human error, not data breach, behind Port Arthur staff information appearing ‘live’ on library website | ABC News (Australia)
Australian Library Data Handling Incident, 20 June 2023: Human error, not data breach, behind Port Arthur staff information appearing ‘live’ on library website. Personal information exposed comprised dates of birth, resumes, addresses, school records and telephone numbers.
Read More
Incident: ACT government hit by cyber security breach | AAP
Australian Cyber Incident, 08 June 2023: The Australian Cyber Security Centre is investigating a breach of the ACT government’s systems. Security breach was detected in the Barracuda email gateway system.
Read More
Audit: Australian Senate Estimates reveals 435 Chinese-made surveillance devices found at defence sites
Defence Internal Audit Finding 31 May 2023: Australian Senate questioning reveals 435 Chinese-made surveillance devices found at defence sites. Defence initially claimed there was only one device.
Read More
Incident: Thousands of identifiable Northern Territory patient health files sent to overseas-based software vendor in government data breach | ABC News (Australia)
Australian Medical Data Handling Incident 25 May 2023: Thousands of identifiable Northern Territory patient health files sent to overseas-based software vendor in government data breach. NT Health says the onus is on individuals to check if the privacy of their medical records has been breached.
Read More
Incident: Drug and alcohol tests of graduate paramedics revealed in Ambulance Victoria data breach | The Guardian
Australian Medical Data Handling Incident 04 May 2023. Drug and alcohol tests of graduate paramedics revealed in Ambulance Victoria data breach. The documents had become accessible to all employees on Ambulance Victoria’s internal intranet.
Read More
Incident: Woman charged with accessing private data on NSW gov computer | iTnews
Australian Unauthorised Access Incident, 13 April 2023: Woman charged with accessing private data on NSW gov computer. Personal data which was shared with others for the purpose of criminal activity (kidnapping).
Read More
Incident: Bug briefly exposed Service NSW data to other users | iTnews
Australian State Government Cyber Incident, 04 April 2023: Bug briefly exposed Service NSW data to other users. ‘Technical issue’ may have exposed data of 3700 customers.
Read More
Incident: Data of thousands of TAFE SA students stolen in breach spanning over five years | ABC News (Australia)
Australian Education Data Breach, 4 April 2023. Data of thousands of TAFE SA students stolen in breach spanning over five years. SA Police “found” USB containing credentials such as driver’s licences and passports for enrolments prior to 2021 across all campuses.
Read More
Incident: Isaacs Regional Council Cyber Attack Highlights Risks Local Governments Face | australiancybersecuritymagazine
Australian Local Government Ransomware Attack, 04 April 2023: Isaacs Regional Council Ransomware Attack Highlights Risks Local Governments Face. It is unknown at this stage what information has been accessed.
Read More
Incident: Tasmanians affected by security breach of third-party file transfer service GoAnywhere | ABC News (Australia)
Updated Australian State Government Data Breach, 31 March 2023: Tasmanians affected by security breach of third-party file transfer service GoAnywhere. Tasmanian government has come under fire for providing a lack of detail.
Read More
Audit: Western Australia Auditor General’s Local Government Information Security Audit 2021-22 reports 324 control weaknesses
West Australian Councils Audit Report 29 March 2023: Western Australia Auditor General’s Local Government Information Security Audit 2021-22 reports 324 control weaknesses. Cyber security concerns as council’s network rack found in staff toilet.
Read More
Audit: Western Australia Auditor General’s State Government Information Systems Audit 2021-22
West Australian State Government Audit Report March 2023: Auditor General’s State Government Information Systems Audit 2021-22 566 control weaknesses 34 significant. Cases: malicious insiders no MFA, outage from an unauthorised device, former employee accessing finance system one month after termination.
Read More
Incident: Health worker sacked over ‘serious breach’ of patients’ privacy as ACT government investigates data misuse | ABC News (Australia)
Australian Health Privacy Breach, 22 March 2023: Health worker sacked over ‘serious breach’ of patients’ privacy as ACT government investigates data misuse. Private records of some Canberra Health Services patients ‘deliberately’ sent to industrial partner.
Read More
Audit: Queensland Audit Office’s State Entities 2022 reports deficiencies in information systems
Queensland Audit Report 16 March 2023: Queensland Audit Office’s State Entities 2022 reports deficiencies in information systems. Only 33 per cent of departments have an effective system managing information security risks.
Read More
Incident: Australian National Maritime Museum hit by alleged ‘trusted insider’ attack | iTNews
Australian Insider Cyber Fraud, 06 March 2023: Australian National Maritime Museum hit by alleged ‘trusted insider’ attack. Contractor allegedly accessed accounting system, changing bank account details stored to his own.
Read More
Audit: Victoria audit warns of weak IT controls in council systems | iTnews
Victorian Local Government Audit Report 27 February 2023: Victoria audit reports a significant rise in IT control weaknesses in council systems. Calls for Essential Eight adoption.
Read More
Incident: Fire Rescue Victoria investigating security incident | iTnews
UPDATE Australian Cyber Incident December 2022: Fire Rescue Victoria confirms cyber attack from ‘external third party’ as outage continues. Outage could last “three or four days.”
Read More
Incident: Victoria Police allegedly use LEAP database to pursue, stalk, harass women prompting calls for inquiry | ABC News Australia
Australian Privacy Incident December 2022: Victoria Police allegedly use LEAP database to pursue, stalk, and harass women prompting calls for an inquiry. In the past five years, there have been complaints against 178 police for misusing LEAP.
Read More