Incident: A major hack at one of NSW’s largest drug rehabilitation services, Adele House has left hundreds of patients at risk | The Australian

Australian Medical Data Breach November 2019: A hack at one of NSW’s largest drug rehabilitation services, Adele House has left hundreds of patients at risk.

Incident: Two Sydney women charged over $500,000 BEC scam | iTnews

Australian Cyber Crime November 2019: Two Sydney women have been charged over their alleged involvement in a $500,000 business email compromise scam.

NZ Incident: Financial Markets Authority apologises for privacy breach | FMA

NZ Privacy Breach 7 November 2019. New Zealand’s Financial Markets Authority apologises for privacy breach where complaints documents were potentially accessible via internet.

Incident: Hobart man pleads guilty to stalking and controlling ex-girlfriend’s car with his computer | ABC News (Australia)

Australian Cyber Stalking November 2019: Hobart man pleads guilty to stalking and controlling ex-girlfriend’s car with his computer. He downloaded and set up an online application that gave him control over the stop and start function of his ex-lover’s car and allowed him to track her movements.

Incident: Monash IVF patients receive bogus emails after ‘malicious cyber attack’ on fertility company | ABC News (Australia)

Australian Medical Data Breach and Cyber Fraud November 2019: Australian medical group Monash IVF patients receive bogus emails after ‘malicious cyber attack’ on fertility company.

Quote: Edward Snowden “It is not data that is being exploited, it’s people that are people exploited.”

Security Quote: Edward Snowden “Data isn’t harmless, data isn’t abstract when it’s about people. Almost all the data being collected today is about people. It is not data that is being exploited, it’s people that are people exploited. It’s not data in networks being influences or manipulated, it is you being manipulated.”

Incident: Cyber criminals hack Perth Anaesthetic Group hospital and steal patients’ personal information in terrifying security breach | Daily Mail Australia

Australian DataBreach CyberCrime November 2019: Cyber criminals hack Perth Anaesthetic Group hospital and steal patients’ personal information in terrifying security breach. Several patients were sent fake invoices from the hackers demanding payments.

Incident: Victorian man arrested over multiple DDoS attacks | iTnews

Australian DDoS Attack Arrest October 2019: Victorian man arrested over multiple DDoS attacks against a telecommunications business and a large shopping complex.

Incident: Thousands of Optus mobile numbers mistakenly published in White Pages | Brisbane Times

Australian Privacy Breach Incident October 2019: Tens of thousands of Australian Optus customers have had their mobile phone numbers and addresses mistakenly published online.

Incident: 7-Eleven fuel app data breach exposes users’ personal details | The Guardian

Australian App Privacy Breach October 2019: 7-Eleven fuel app data breach exposes users’ personal details, users were able to see other customers’ data, including names, dates of birth and mobile numbers.

Incident: Cyber scare shuts down hospital IT systems in rural north-east Victoria | Brisbane Times

Australian Virus/Malware Incident October 2019: Australian Virus/Malware Incident October 2019: A number of rural Victorian health services in the state’s north-east were forced to shut down their IT systems due to a malware virus.

Incident: Doctor, patient details allegedly stolen in CSL Behring Australia espionage scandal | SMH

Australian Former Employee Data Breach 18 October 2019: CSL Behring has filed a lawsuit against a former employee, claiming he stole sensitive information with the intention of passing it on to his new company Pharming.

Australian InfoSec Incidents

Australian InfoSec Incidents

I use this resource to demonstrate to managers and executives having trouble understanding or who forget that security incidents really do happen in Australia. The prevalence of incidents can get lost in the noise of business, and news headlines have more of an impact than some technical report.

These are Australian information security incidents only, that occur in Australia. These incidents don’t include the mass malware/ransomware/virus type attacks that affect individuals, only items that impact businesses, companies or government organisations. This year the incidents have be broadened to include data leakage, compliance failures and privacy issues.

UPDATE: I’m now tracking New Zealand Incidents as well. I now have family over there on a lake at Rotorua, so I go and SUP over there, I might as well do a bit of work there if I can get it. For now they will not be a separate list just tagged as New Zealand.

Australia must implement mandatory incident reporting, hiding and denying a problem has never solved it. Lobby groups like the Bankers Association may think they are defending their members but longer term they are doing them more harm than good.

Contributions welcome, if you would like to be credited for a submission make it clear in the PM, Comment, etc., and include a URL you want the credit hyperlinked.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Shares
Share This