Australia has become a lucrative target for cybercriminals who are pummelling the country in a recent slew of cyber-attacks
These malicious attacks have compromised the data security of millions of people and are also causing financial and reputational damage to several of its prominent institutions.
With Medibank and Optus data breaches in the spotlight, the last 40 days witnessed six cyberattacks in some of Australia’s most prominent institutions.
All this is happening within the Australian Cyber Security Centre’s (ASIC) ‘Cyber Security Awareness Month’, exposing several holes in the nation's cyber-security strategy and privacy laws.
When Australians are asked to hand over their personal data, they have a right to expect it will be protected.That’s why we introduced new laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour. https://t.co/tzROjugAo3
— Clare O'Neil MP (@ClareONeilMP) October 26, 2022
Data breaches in the spotlight:
- Medibank Private
- Optus
- My Deal - Woolworths
- Vinomofo
- Telstra
- Energy Australia
Medibank Private
Australian insurance provider Medibank Private detected unusual activity on its networks on October 12, 2022, which is now confirmed to be a major cyber incident by the company.
The attack compromised the data of all its four million customers, which includes Medibank, ahm and international student customers' data.
Alarmingly, the data includes medical data which includes health claim data for some of its customers – a cause for serious concern
The company said it expected the number of affected customers to grow substantially as the investigation continued.
The hack impacts about four million current customers along with an unknown number of former customers.
It took nearly a fortnight for the company to confirm the severity of these attacks, which includes a brief period where the company resumed “normal operations”, brushing off the gravity of the attack.
Australian Cyber Security Minister Claire O’Neil said she had been in constant contact with the company and insisted her government had provided the necessary resources to tackle the breach.
"The latest advice from Medibank is deeply concerning ... the government recognises that this incident is very stressful for affected Australians," she said.
"The toughest and smartest people in the government are working directly with Medibank to try to ensure that this horrendous criminal act does not turn into what could be irreparable harm to some Australian citizens."
As we’ve continued to say we believe that the scale of stolen customer data will be greater and we expect that the number of affected customers could grow substantially. I apologise unreservedly to our customers.— Medibank (@medibank) October 25, 2022
Optus
Late last month, Australia’s second-largest telco, Optus, revealed a cyber-attack on systems compromising the data of 9.8 million Australians, of which 2.8 million were severely impacted.
The attack compromised self-identifying information such as customer names, dates of birth, phone numbers and email addresses.
For a subset of customers, Optus has also identified 17,000 valid Medicare numbers in the exposed records (including a further 26,000 expired Medicare numbers) and 10,000 users with highly sensitive personal information like passport numbers exposed.
However, payment details and account passwords were not compromised in the attack.
Darkweb screenshots surfaced quickly after the attack, with an underground BreachForums user going by the moniker ‘optusdata’ offering two tranches of data.
The hacker claimed to have records for about 11.2 million Optus customers, including their names, dates of birth, phone numbers, email addresses and, for a subset of customers, addresses and ID document numbers such as driver’s licence or passport numbers.
Consequently, optusdata released 10,000 records to twist Optus’ hand in the negotiations.
Subsequently, in a quick turn of events, the hacker withdrew the ransom demand, apologised to Optus and the Australian people and claimed that the data had been destroyed – there are rumours that the ransom may have been paid.
❗ ALERT ❗ The ACSC is supporting @Optus through their recent cyber attack. Optus encourages their customers to have a heightened awareness across their accounts to protect themselves from fraud. ACSC guidance is available at https://t.co/QbqWd5MNsK pic.twitter.com/s7lTqY2Tck— Australian Cyber Security Centre (@CyberGovAU) September 23, 2022
MyDeal – Woolworths subsidiary
On October 14, MyDeal.com.au, a subsidiary of the Woolworths Group, had also fallen victim to a data breach compromising records for 2.2 million of its customers.
The compromised data include email IDs, names, addresses, telephone numbers and dates of birth.
In a statement, Woolworths said that no customer account passwords or payment details were compromised in this breach.
The company added that 1.2 million of the compromised customers had only had their email addresses exposed.
Looks like someone is allegedly selling the Australian mydeal data on breachforums.#cybersecurity #infosec #cyber #auspol #woolworths #mydeal pic.twitter.com/J9KlR42fDY— CyberKnow (@Cyberknow20) October 17, 2022
Vinomofo
Adding to the tally, Online wine reseller Vinomofo also reported a cyber security incident compromising customer identifying information such as name, gender, date of birth, email address and phone numbers of more than 600,000 customers worldwide.
The security incident involved an “unauthorised third party” gaining access to the company’s database through a testing platform that is not linked to the live website.
Vinomofo's investigations established that no passwords, identity documents or financial information were accessed, with the investigators categorising the risk to customers as “low”.
Data breach at @vinomofo.“an unauthorised third party unlawfully accessed our database on a testing platform”
“information about you that was contained in the database that may have been accessed may include name, gender, dob, address, email address and phone number”
????♂️????♂️ ????♂️ pic.twitter.com/ZNpYYaClKv
— Troy Hunt (@troyhunt) October 17, 2022
Telstra
Earlier this month, Australia’s largest telco also was the victim of a data breach exposing employee information of potentially 30,000 of its workforce.
The company did not reveal how many employees were affected, but a Reuters report pegged the number at 30,000, citing an internal staff email sent by Telstra.
It said the breach targeted a third-party platform called Work Life NAB that's no longer actively used by the company,
Energy Australia
Energy Australia is the latest company on the block to be targeted by a cyber-attack, with hundreds of customers’ details exposed
In a statement released late last week, the electricity company revealed that 323 residential and small business customers were affected by unauthorised access to their online platform, My Account.
Details including customer names, addresses, email addresses, electricity and gas bills, phone numbers and the first six and last three digits of their credit cards are all included with those accounts.