Category: Third-Party Risk

Home » Sector » Third-Party Risk

Incident: Defence Housing Australia investigates third-party provider hack exposure | iTnews

by Steven Kirby | Sep 7, 2023 | Australia, Australian InfoSec Incidents 2023, Building and Construction, Defence and Military, Federal Government, iTnews, Managed Services Provider | 0 |

Australian Defence Agencies Third-Party Breach, 07 September 2023. Defence Housing Australia and Department of Veterans’ Affairs investigates third-party provider hack exposure. The breached service provider was not identified.

Incident: University of Sydney caught up in third-party data breach | iTNews

by Steven Kirby | Sep 1, 2023 | Australian InfoSec Incidents 2023, Confidentiality, Education and Training, iTnews, New South Wales, Privacy, Third-Party Risk | 0 |

Australian University Third-Party Data Breach, 1 September 2023: The University of Sydney has disclosed a data breach potentially affecting international students. The data breach involved a third-party provider, still undisclosed.

Incident: Thousands of donors to Australian charities, including Cancer Council and Canteen, have data leaked to dark web | ABC News (Australia)

by Steven Kirby | Aug 23, 2023 | ABC News (Australia), Australian InfoSec Incidents 2023, Charities and Not For Profit, Confidentiality, Privacy Breach, Queensland, Third-Party Risk | 0 |

Australian Telemarketer Breach, 23 August 2023: Pareto Phone, a Brisbane-based telemarketing company that contacts potential donors on behalf of charities, was hacked by cybercriminals in April. 70 charities, including Amnesty International Australia, Australian Conservation Foundation, Wilderness Society, Cancer Council Cancer, The Fred Hollows Foundation, Canteen, Heart Foundation, and Medecins Sans Frontieres.

Incident: Fortescue Metals admits it suffered breach, Cl0p claims credit | iTWire

by Steven Kirby | Jul 18, 2023 | Australia, Australian InfoSec Incidents 2023, Confidentiality, iTWire, Mining and Resources, Privacy, Third-Party Risk | 0 |

Australian Mining Cyber Incident, 18 July 2023: Iron ore giant Fortescue Metals targeted by Russian ransomware group. Australian mining company confirms hack occurred on 28 May but data disclosed ‘was not confidential in nature’.

Incident: Australian horse riding organisations caught up in cyber attack impacting 10,000 people | The Courier Mail

by Steven Kirby | Jul 6, 2023 | Australian InfoSec Incidents 2023, Entertainment and Events, Privacy Breach, The Courier, Third-Party Risk, Victoria | 0 |

Australian Event Management Incident, 06 July 2023: Australian critical infrastructure company Ventia has been breached in an online attack. Information including names, email addresses, home addresses, phone numbers and bank details.

Incident: Perpetual says some personal info compromised in attack on supplier | iTnews

by Steven Kirby | Jun 28, 2023 | ABC News (Australia), Australia, Australian InfoSec Incidents 2023, Banking and Finance, Confidentiality, Privacy, Third-Party Risk | 0 |

Australian Wealth Management Incident 28 June 2023: Wealth and asset management firm Perpetual Limited says some personal info compromised in attack on supplier. First names, surnames and addresses and bank account details maybe compromised.

Incident: NSW cashless gambling trial to focus on data security after hack of smaller pilot program | The Guardian

by Steven Kirby | Jun 24, 2023 | Australian InfoSec Incidents 2023, Banking and Finance, Entertainment and Events, New South Wales, Ransomware, The Guardian, Third-Party Risk | 0 |

Australian Gambling Ransomware Attack, 24 June 2023: Wests Newcastle shuts down cashless gambling trail after digital payment processing firm Banktech experienced a ransomware attack.

Incident: TechnologyOne investigates ‘cyber incident’ on M365 system | iTnews

by Steven Kirby | May 10, 2023 | Australian InfoSec Incidents 2023, Confidentiality, iTnews, Queensland, SaaS - Software as a Service | 0 |

Australian SaaS Provider Breach 10 May 2023: TechnologyOne investigates ‘cyber incident’ on M365 system. “Unauthorised third party” has accessed the company’s internal Microsoft 365 platform.

Incident: Coles confirms its customers impacted by Latitude Financial data breach | ABC News (Australia)

by Steven Kirby | Apr 15, 2023 | Australia, Australian InfoSec Incidents 2023, Banking and Finance, Confidentiality, Retail, Third-Party Risk | 0 |

Australian Retail Third-Party Breach, 15 March 2023: Coles confirms its customers impacted by Latitude Financial data breach. Coles says it has not been informed of how many of its customers have been impacted, the data dates back as far as 2005.

Incident: Tasmanians affected by security breach of third-party file transfer service GoAnywhere | ABC News (Australia)

by Steven Kirby | Mar 31, 2023 | ABC News (Australia), Australian InfoSec Incidents 2023, Confidentiality, SaaS - Software as a Service, State Government, Tasmania, Third-Party Risk | 0 |

Updated Australian State Government Data Breach, 31 March 2023: Tasmanians affected by security breach of third-party file transfer service GoAnywhere. Tasmanian government has come under fire for providing a lack of detail.

Incident: Crown Resorts investigating potential data breach after being contacted by hacking group | ABC News (Australia)

by Steven Kirby | Mar 27, 2023 | ABC News (Australia), Australia, Australian InfoSec Incidents 2023, Confidentiality, Entertainment and Events, SaaS - Software as a Service, Third-Party Risk, Travel and Accommodation | 0 |

Australian Cyber Security Incident, 27 March 2023: Crown Resorts investigating potential data breach after being contacted by hacking group. The hackers claimed they had breached file transfer service GoAnywhere.

Incident: Rio Tinto says staff’s personal data may have been hacked in memo after an attack on GoAnywhere software | ABC News (Australia)

by Steven Kirby | Mar 23, 2023 | ABC News (Australia), Australia, Australian InfoSec Incidents 2023, Confidentiality, Human Resources, Mining and Resources, Privacy Breach, SaaS - Software as a Service | 0 |

Australian Cyber Attack March 2023: Rio Tinto says staff’s personal data may have been hacked in memo after an attack on GoAnywhere software. Stolen data possibly includes payslips, overpayment letters.

Incident: Skin cancer survey hack may have ‘compromised’ personal details, Medicare numbers of participants | ABC News (Australia)

by Steven Kirby | Mar 20, 2023 | ABC News (Australia), Australian InfoSec Incidents 2023, Confidentiality, Medical and Health Care, Queensland, SaaS - Software as a Service, Third-Party Risk | 0 |

Australian Medical Privacy Breach March 2023: Skin cancer survey hack may have ‘compromised’ personal details, Medicare numbers of participants. QIMR Berghofer survey data exposed via third party in November 2022.

Incident: Frontier Software breach spreads to NSW Health | iTnews

by Steven Kirby | Mar 9, 2023 | Australian InfoSec Incidents 2023, Confidentiality, Human Resources, iTnews, Medical and Health Care, New South Wales, SaaS - Software as a Service | 0 |

Australian Ransomware Attack March 2022:: Frontier Software 2021 breach spreads to NSW Health, now reported. Frontier Software advised that payroll information of around 1600 former and current staff employed breached.

Incident: Technology group providing services to Victorian government departments hit by cyber attack | ABC News Australia

by Steven Kirby | Nov 5, 2022 | ABC News (Australia), Australian InfoSec Incidents 2022, Availability, Confidentiality, Integrity, ISO27k 8.7 Protection against malware, Managed Services Provider, State Government, Victoria | 0 |

Australian Cyber Attack November 2022: Technology group providing services to Victorian government departments hit by a cyber attack. The company says hackers have revealed a sample “of what is believed to be stolen data”

Incident: APA, Viterra caught up in Frontier ransomware attack | iTnews

by Steven Kirby | Nov 2, 2022 | Agriculture and Farming, Australian InfoSec Incidents 2022, Availability, Building and Construction, Confidentiality, Human Resources, Integrity, ISO27k 8.7 Protection against malware, iTnews, SaaS - Software as a Service | 0 |

Australian Ransomware November 2022: Infrastructure operator APA Group, and agribusiness Viterra caught up in Frontier ransomware attack. Other previously unreported incidents, Indigenous Land and Sea Corporation and Workskil Australia.

Incident: Ransomware attack on Dialog also took down defence app ForceNet | iTWire

by Steven Kirby | Oct 31, 2022 | Australia, Australian InfoSec Incidents 2022, Confidentiality, Defence and Military, Federal Government, iTWire, Managed Services Provider | 0 |

Australian Defence Ransomware Incident October 2022: Ransomware attack on Dialog also took down Australian Department of Defence service ForceNet. An Agenda ransomware attack hit a communications platform used by the Department of Defence.

Incident: WA Arts and Culture Trust discloses potential data breach | CRN Australia

by Steven Kirby | Jul 25, 2022 | Australian InfoSec Incidents 2022, Confidentiality, CRN Australia, Entertainment and Events, Privacy Breach, SaaS - Software as a Service, Western Australia | 0 |

Australian Arts Privacy Breach July 2022: Western Australia Arts and Culture Trust discloses potential data breach in it SaaS digital marketing platform. The vendor WordFly revealed it has been offline since 10 Jul.

Incident: Sky News employees caught in cyber breach | SHM

by Steven Kirby | Feb 27, 2022 | 12.04 Logging and monitoring, Australian InfoSec Incidents 2022, Availability, Confidentiality, Data Breach, Integrity, ISO27k 8.7 Protection against malware, News Film and Media, Privacy Breach, SaaS - Software as a Service, SMH - The Sydney Morning Herald | 0 |

Australian Media Ransomware Attack February 2022. Sky News employees caught in cyber breach, Info accessed included full names, dwelling and e mail addresses, phone numbers, dates of beginning, tax file numbers, salaries, payroll IDs and superannuation fund particulars.

Incident: Ransomware attack on Australian agricultural company GrainCorp’s payroll provider Kronos

by Steven Kirby | Feb 23, 2022 | Agriculture and Farming, Australia, Australian InfoSec Incidents 2022, Availability, In the Press, Integrity, Ransomware, SaaS - Software as a Service | 0 |

Australian Ransomware Attack February 2022: Attack on Australian agricultural company GrainCorp’s third party payroll provider Kronos has left some harvest casuals unpaid for around two months.

Home » Sector » Third-Party Risk

More Australian News

Australia's Energy One says no proof of malicious activity
by Staff Writer on October 1, 2023
Australian software supplier Energy One said it had not uncovered any evidence of malicious activity on their customer systems after a cyber incident …
Commentary on Australia's National Cyber Security Strategy
by Craig Nielsen, vice president Asia Pacific, GitLab on September 28, 2023
GUEST OPINION: Australia’s new Cyber Security Strategy to begin building six cyber shields around the nation comes at a time when it’s more important …
Gov stalls on some privacy reforms with conditional support
by Richard Chirgwin on September 28, 2023
The government has offered "in-principle" - conditional - support for over half of the recommendations from a two-year-long review of the Privacy …
Personal data to get greater protection, but targeted ads will keep coming
by Paul Sakkal on September 27, 2023
Australians are likely to gain new rights allowing them to demand tech companies erase data, sue for privacy invasions and avoid being targeted by …
Cyber risk: Directors’ duties and implications for M&A
by Luke Dawson on September 26, 2023
On 18 September 2023, ASIC Chair Joe Longo addressed the Australian Financial Review Cyber Summit on the topic of cyber preparedness. His message was …
APVMA added to HWL Ebsworth breach list
by Richard Chirgwin on September 25, 2023
The Australian Pesticides and Veterinary Medicines Authority (APVMA) has confirmed that it was one of the federal government agencies impacted by the …
Australian Federal Police claw back $45m lost to BEC scammers
by Ry Crozier on September 25, 2023
The Australian Federal Police has claimed some success in thwarting in-progress business email compromise (BEC) scams, in cases where the incident is …
AFP saves mum and dad business from cyber criminals | Australian Federal Police
by Australian Federal Police on September 25, 2023
The AFP has returned $45 million to Australian businesses targeted by cyber criminals in the past three years. As the AFP today challenges the …
Aussies Warned Over Cyber-Security Risks After Large-Scale Hack
by The Project on September 24, 2023
Sixty-five government departments and agencies have been caught up in the country’s latest ‘large scale’ cyber-attack on legal firm HWL Ebsworth, with stark ...
Federal government rolls out plan to protect Aussies from cyber attacks | 9 News Australia
by 9 News Australia on September 24, 2023
One year on since the Optus cyber attack, Home Affairs Minister has revealed part of the Federal government’s plan to protect Australians from future breache...

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Featured

Incident: Dymocks warns customers of data breach after account information leaked on dark web | ABC News (Australia)

Featured

Incident: Defence Housing Australia investigates third-party provider hack exposure | iTnews

Featured

Audit: NSW's local government audit found that 47% of councils did not have a cyber security plan | kirbyidau.com

Featured

Audit: Australian Senate Estimates reveals 435 Chinese-made surveillance devices found at defence sites

Featured

Quote: Meera Srinivasan "Home is where the Heart is ..."

Featured

Quote: Chinese Proverb "When planning for a year, plant corn. When planning..."

Category: Third-Party Risk

More Australian News

Weekly Australian News and Monthly Incident Review Emails