Australian Information & Cyber Security
Australian InfoSec Incidents
InfoSec Quotes and Wisdom
Australian Audits Findings
Incidents/Audits by Location
Australian InfoSec Directory
Incidents/Audits by Industry
Media Incident Reports 2019
Media Incident Reports 2017
Media Audits Reports 2019
OAIC NDB 2019 (June)
Media Incident Reports 2018
OAIC NDB Scheme 2018
New Zealand Data Breach, January 2021: New Zealand Reserve Bank urgently responding to ‘illegal data breach’. The bank issued a statement saying a “third party file sharing service” used by the bank to share and store some sensitive information, had been illegally accessed.
Australian Malware Breach December 2020 – NSW Health, Rio Tinto, Serco named as victims of massive global SolarWinds hack attack. NSW Health appears to have been infected with potentially dangerous Russian malware since June.
Australian Ransomware Breach December 2020 – Automotive services provider Inchcape Australia appears to have been compromised by the Windows Ransomexx ransomware. Cyber criminals who hit the company leaking some data that they stole, on the dark web.
New Zealand Ransomware Attack December 2020. NZ financial strategies provider Staircase hit by Windows NetWalker ransomware. The attackers have listed a number of data files on their site on the dark web
Australian Email Privacy Breach December 2020. BTC Markets exposes customer names, emails in botched blast send. Australia’s largest cryptocurrency exchange apologises for error.
Western Australian Audit Report November 2020. WA registry system flaws force auditor to delay findings by 18 months. ‘Highly unusual step’ taken to protect foundational system.
Australian Audit Report November 2020. Major NSW govt agencies still without disaster recovery plans for all systems. Auditor finds at least seven agencies missing plans.
Australian Netwalker Ransomware Attack November 2020. Australian end-to-end document and digital solutions provider to the legal industry Law In Order says it has suffered a “cyber security incident” and has had to limit access to most of its website as a precaution.
Incident: Levitas Capital closing after fake Zoom invite sinks $16m super fund investment | news.com.au
Australian Zoom Compromise November 2020: Levitas Capital closing after fake Zoom invite sinks $16m super fund investment. A fake Zoom invite has forced a Sydney hedge fund to close up shop after cybercriminals found a way into their emails in September
Australian Privacy Breach November 2020. Bugged lawyers’ conversations available to Victorian police thanks to ‘IT error’. The massive breach of the rights to confidentiality and legal professional privilege has potentially contaminated an unknown number of criminal cases and convictions.
Australian Workers Data Exposed October 2020. Orchard Tech a Melbourne company recruiting horticultural workers exposed sensitive personal data. AWS Simple Storage Service (S3) instance containing thousands of sensitive personal documents left open for anyone to access for over a month.
Australian Service Provider Hacked? October 2020: Nitro Software user database put up for sale on dark web. A group that uses the name Shiny Hunters appears to have put up a database exfiltrated during a data breach of ASX-listed Nitro Software, a firm that offers a service to create, edit and sign PDFs and digital documents, on the dark web for sale.
Australian Security Incident Summary
Incidents and Audits by State
Banking and Finance
Building and Construction
Charities and Not For Profit
Defence and Military
Education and Training
Enterainment and Events
Industry Groups and Associations
Law and Legal
Medical and Health Care
Mining and Resources
News, Film and Media
Police and Law Enforcement Agencies
Policing and Law Enforcement
Politician and Politics
– Federal Government
– State Government
– Local Government
Real Estate and Property Management
Regulator and Authority
SMB Small to Medium
Sporting and Recreation
Telecommunications and Internet Service Provider
Transport and Logics
Travel and Accommodation
Australian InfoSec Directory
Quote: Michael McCormack “Never been a breach, the ABS assures us that this won’t happen into the future with this Census”
Cyber Quotes and Wisdom: Michael McCormack “Never been a breach, the ABS assures us that this won’t happen into the future with this Census”
Cyber Quotes and Wisdom: Hanif Kureishi “Security and safety were the reward of dullness.”
Cyber Quote: Michael Meade “A false sense of security is the only kind there is.”
Quote: Michael Madon “and the main problem wasn’t these evil employees or employees that wanted to hurt the company…”
Cyber Quote: “And the main problem wasn’t these evil employees or employees that wanted to hurt the company — the real problem was the employees that were terrific employees and want to do well, but they’re not focused on security.”
Michael Madon, Mimecast, co-founder of Ataata
Quote: Kevin Mitnick Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.”
Cyber Quote: Kevin Mitnick “Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.”
Quote: Bobbie Garrett “Make ‘business continuity’ ‘business as usual’ and embed it into your management routines as decisions are made, instead of an afterthought check off the box exercise later”
Cyber Quote: Bobbie Garrett “Make ‘business continuity’ ‘business as usual’ and embed it into your management routines as decisions are made, instead of an afterthought check off the box exercise later.”
Cyber Quote: Ginni Rometty “Cyber crime is the greatest threat to every company in the world”
Quote: Edward Snowden “It is not data that is being exploited, it’s people that are people exploited.”
Security Quote: Edward Snowden “Data isn’t harmless, data isn’t abstract when it’s about people. Almost all the data being collected today is about people. It is not data that is being exploited, it’s people that are people exploited. It’s not data in networks being influences or manipulated, it is you being manipulated.”