NZ Incident: TΕ« Ora Compass Health data breach exposes medical data of one million people | ZDNet

NZ Medical Data Breach 8 October 2019. New Zealand’s TΕ« Ora Compass Health data breach exposes medical data of one million New Zealand residents.

NZ Incident: New Zealand ComCom suffers breach after laptop theft | ZDNet

NZ Laptop Stolen 8 October 2019: New Zealand’s Commerce Commission (ComCom) confidential information on laptop belonging to ‘external provider’ containing over 200 meeting and interview transcripts taken in burglary, which has seen the provider dumped.

Incident: ‘Trusted inside access’: Sydney IT contractor arrested over Landmark White data breach | Brisbane Times

October 02 2019 Sydney Insider Charged: Sydney IT contractor arrested over Landmark White data breach containing property valuations, personal details and driver’s licences of a combined 275,000 individuals.

Audit: Queensland government cyber defences fail ethical hack test | iTnews

Audit Failure 2019: Queensland government cyber defences fail ethical hack test, sensitive information accessed with relative ease.

Incident: Victorian hospitals targeted in ransomware cyber attack | ABC News (Australia)

October 01 2019 Victorian Hospital Ransomware Attack: The scale of a ransomware attack on some of the state’s major regional hospitals that has forced healthcare providers to go offline.

NZ Incident: Auckland Asics store screens hacked to show pornography | Stuff.co.nz

NZ Hacked 29 September 2019: Promotional screens on a central Auckland Asics store were hacked to show pornographic content on Sunday morning.

Incident: Millions of Australians’ sensitive medical images, data left openly accessible | iTnews

September 20 2019 Australian Medical Privacy Breach: Millions of Australians’ sensitive medical images, data left openly accessible. Australian servers alone leaked 50,000 sets of data comprising 2.5 million accounts.

More Oz and NZ Security News – Flipboard Magazine

Flip More Australian and New Zealand InfoSec and Cyber News – News | Opinions | Privacy | Digital Rights | Breaches and Audits | Security Advice | Security Reports | Government Policy and Legislation | Appointments and Movements | Twitter | LinkedIn | YouTube | More…

Incident: ‘Detailed and graphic’: Clinic faxes patients’ highly sensitive medical histories to wrong number | SMH

September 18 2019 Australian Medical Privacy Breach: A Melbourne medical clinic has been inadvertently faxing highly sensitive patient details including mental health and family medical histories to a Greenvale man for at least two years.

Incident: Online fraud syndicate – Woman arrested and millions allegedly siphoned | 9 News

September 18 2019 Australian Cyber Fraud: Millions of dollars have allegedly been siphoned from personal superannuation and share trading accounts as part of a sophisticated online fraud syndicate.

Quote: Stephane Nappo “A weak digital security can jeopardize a robust physical safety.”

Security Quote: Stephane Nappo “A weak digital security can jeopardize a robust physical safety.”

Incident: Data breach may affect 50,000 Australian university students using ‘Get’ app | The Guardian

September 10 2019 Australian Privacy Breach: Estimated 50,000 students using events app Get, previously known as Qnect, may have had their personal data exposed online.

Australian InfoSec Incidents

Australian InfoSec Incidents

I use this resource to demonstrate to managers and executives having trouble understanding or who forget that security incidents really do happen in Australia. The prevalence of incidents can get lost in the noise of business, and news headlines have more of an impact than some technical report.

These are Australian information security incidents only, that occur in Australia. These incidents don’t include the mass malware/ransomware/virus type attacks that affect individuals, only items that impact businesses, companies or government organisations. This year the incidents have be broadened to include data leakage, compliance failures and privacy issues.

UPDATE: I’m now tracking New Zealand Incidents as well. I now have family over there on a lake at Rotorua, so I go and SUP over there, I might as well do a bit of work there if I can get it. For now they will not be a separate list just tagged as New Zealand.

Australia must implement mandatory incident reporting, hiding and denying a problem has never solved it. Lobby groups like the Bankers Association may think they are defending their members but longer term they are doing them more harm than good.

Contributions welcome, if you would like to be credited for a submission make it clear in the PM, Comment, etc., and include a URL you want the credit hyperlinked.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Shares
Share This