Category: Public Sector
Incident: Vic councils’ after-hours call answering service breached – iTnews
Australian Councils Ransomware Attack, 22 April 2024: Victorian councils’ OracleCMS after-hours call answering service breached. Provider, OracleCMS hacked by Lockbit with around 50 clients’ data compromised.
Read More
Incident: Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases | ABC News Australia
Australian Court Ransomware Attack, 02 January 2024: Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases. The Qilin ransomware attacked the court system’s audio-visual archive, which staff discovered on December 21
Read More
Incident: UPDATE NDIA data breach claimed to impact 11,000 “records” | iTnews
Australian Insider Threat, 29 November 2023: National Disability Insurance Agency NDIA data breach claimed to impact 11,000 “records”. NDIA staffer charged with leaking participants’ data, acting NDIA provider also arrested.
Read More
Incident: Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks | SBS News
Australian Denial of Service Attack, 06 October 2023: Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks. DDoS attack, impacted site access for about five hours.
Read More
Incident: Defence Housing Australia investigates third-party provider hack exposure | iTnews
Australian Defence Agencies Third-Party Breach, 07 September 2023. Defence Housing Australia and Department of Veterans’ Affairs investigates third-party provider hack exposure. The breached service provider was not identified.
Read More
Audit: NSW’s local government audit found that 47% of councils did not have a cyber security plan | kirbyidau.com
Australian Audit Failure June 13 2023: NSW’s local government audit found that 47% of councils did not have a cyber security plan. IT policies and procedures were outdated or not in place at 43 councils.
Read More
Incident: Parks Victoria data breach | 7News
Australian Privacy Breach, 05 July 2023: There’s been a privacy breach on the state government’s new campsite booking system. Personal details of other campers shown to other campers
Read More
Incident: Human error, not data breach, behind Port Arthur staff information appearing ‘live’ on library website | ABC News (Australia)
Australian Library Data Handling Incident, 20 June 2023: Human error, not data breach, behind Port Arthur staff information appearing ‘live’ on library website. Personal information exposed comprised dates of birth, resumes, addresses, school records and telephone numbers.
Read More
Incident: ACT government hit by cyber security breach | AAP
Australian Cyber Incident, 08 June 2023: The Australian Cyber Security Centre is investigating a breach of the ACT government’s systems. Security breach was detected in the Barracuda email gateway system.
Read More
Audit: Australian Senate Estimates reveals 435 Chinese-made surveillance devices found at defence sites
Defence Internal Audit Finding 31 May 2023: Australian Senate questioning reveals 435 Chinese-made surveillance devices found at defence sites. Defence initially claimed there was only one device.
Read More
Incident: Thousands of identifiable Northern Territory patient health files sent to overseas-based software vendor in government data breach | ABC News (Australia)
Australian Medical Data Handling Incident 25 May 2023: Thousands of identifiable Northern Territory patient health files sent to overseas-based software vendor in government data breach. NT Health says the onus is on individuals to check if the privacy of their medical records has been breached.
Read More
Incident: Drug and alcohol tests of graduate paramedics revealed in Ambulance Victoria data breach | The Guardian
Australian Medical Data Handling Incident 04 May 2023. Drug and alcohol tests of graduate paramedics revealed in Ambulance Victoria data breach. The documents had become accessible to all employees on Ambulance Victoria’s internal intranet.
Read More
Incident: Woman charged with accessing private data on NSW gov computer | iTnews
Australian Unauthorised Access Incident, 13 April 2023: Woman charged with accessing private data on NSW gov computer. Personal data which was shared with others for the purpose of criminal activity (kidnapping).
Read More
Incident: Bug briefly exposed Service NSW data to other users | iTnews
Australian State Government Cyber Incident, 04 April 2023: Bug briefly exposed Service NSW data to other users. ‘Technical issue’ may have exposed data of 3700 customers.
Read More
Incident: Data of thousands of TAFE SA students stolen in breach spanning over five years | ABC News (Australia)
Australian Education Data Breach, 4 April 2023. Data of thousands of TAFE SA students stolen in breach spanning over five years. SA Police “found” USB containing credentials such as driver’s licences and passports for enrolments prior to 2021 across all campuses.
Read More
Incident: Isaacs Regional Council Cyber Attack Highlights Risks Local Governments Face | australiancybersecuritymagazine
Australian Local Government Ransomware Attack, 04 April 2023: Isaacs Regional Council Ransomware Attack Highlights Risks Local Governments Face. It is unknown at this stage what information has been accessed.
Read More
Incident: Tasmanians affected by security breach of third-party file transfer service GoAnywhere | ABC News (Australia)
Updated Australian State Government Data Breach, 31 March 2023: Tasmanians affected by security breach of third-party file transfer service GoAnywhere. Tasmanian government has come under fire for providing a lack of detail.
Read More
Audit: Western Australia Auditor General’s Local Government Information Security Audit 2021-22 reports 324 control weaknesses
West Australian Councils Audit Report 29 March 2023: Western Australia Auditor General’s Local Government Information Security Audit 2021-22 reports 324 control weaknesses. Cyber security concerns as council’s network rack found in staff toilet.
Read More
Audit: Western Australia Auditor General’s State Government Information Systems Audit 2021-22
West Australian State Government Audit Report March 2023: Auditor General’s State Government Information Systems Audit 2021-22 566 control weaknesses 34 significant. Cases: malicious insiders no MFA, outage from an unauthorised device, former employee accessing finance system one month after termination.
Read More
Incident: Health worker sacked over ‘serious breach’ of patients’ privacy as ACT government investigates data misuse | ABC News (Australia)
Australian Health Privacy Breach, 22 March 2023: Health worker sacked over ‘serious breach’ of patients’ privacy as ACT government investigates data misuse. Private records of some Canberra Health Services patients ‘deliberately’ sent to industrial partner.
Read More