Fire Rescue Victoria – December 2022

• Fire Rescue Victoria investigating security incident

• Cyber attack cripples Fire Rescue Victoria | Firefighters resort to mobile phones and radio.

LastPass – December 2022

• Parsing LastPass’ data breach notice

TPG Telecom – December 2022

• TPG Telecom joins list of hacked Australian companies, shares slide

State Office of Victoria – December 2022

• Data breach hits Victoria’s revenue office

LJ Hooker – December 2022

• Real estate agency LJ Hooker hit with data breach

Telstra – December 2022

• Telstra blames privacy breach on ‘database misalignment’ | Published details of unlisted customers online.

• Telstra explains how internal data breach exposed more than 130,000 customers’ details

• Telstra apologises after customer data breach

• Telstra slips up as details of 130,000 customers go online

• Telstra privacy breach sees customer details made public

Twitter – November 2022

• More than 5 million Twitter users at risk after alleged security breach

WhatsApp – November 2022

• WhatsApp denies data leak as company hit by anonymous online threat

The Smith Family – November 2022

• The Smith Family warns supporters of stolen personal data amid hack on Australian charity

• Children’s charity The Smith Family hit by cyberattack

Harcourts – November 2022

• Harcourts Melbourne City real estate agency advises customers of data breach

Victorian Government | PNORS Technology Group – November 2022

• Victoria has ordered an investigation into a potential data breach. Here’s what happened.

BWX (Flora & Fauna) – November 2022

• Credit card details likely exposed in skincare online shopping hack

SSKB – October 2022

• Australian strata company SSKB breached

Microsoft – October 2022

• Microsoft data breach exposes customers’ contact info, emails

AFP – October 2022

• AFP classified documents hacked in data leak, exposing agents fighting drug cartels

Vinomofo – October 2022

• Online wine seller Vinomofo hit in major data breach

• Vinomofo data breach: 500,000 customers at risk after wine dealer hit by cyber-attack

Medibank – October 2022

• Medibank admits personal data stolen in cyber attack

• Medibank Group detects cyberattack, takes several services offline as a precaution

• Medibank receives contact from hackers | Group requests negotiations over customer data.

Woolworths MyDeal – October 2022

• Woolworths MyDeal becomes latest target of cyber attack. What information was leaked and what can you do if you’re affected?

• Woolworths says data of 2.2 million customers of its MyDeal website has been exposed

North Face – September 2022

• 200,000 North Face accounts hacked in credential stuffing attack

Optus – September 2022

• Optus attack exposes customer information | Personal details of 1.1 million customers purportedly offered for sale.

Uber – September 2022

• Teen hacker gets into Uber, announces data breach on chat software

• Uber investigating ‘cyber security incident’ after report of breach | Company forced to shut internal communications and engineering systems.

• Uber Investigating Massive Security Breach by Alleged Teen Hacker

• Uber in ‘unforgivable’ security breach

Fremantle Football Club – September 2022

• Fremantle apologise for AFL data breach

TikTok – September 2022

• TikTok Hacked, Denies Security Breach Allegations

• TikTok denies security breach after hackers claim to have records of more than a billion users

LastPass – August 2022

• Password manager company LastPass reports major security breach | The company – which has more than 25 million users – says hackers stole parts of its source code and other sensitive data.

• LastPass was hacked, but it says no user data was compromised

DoorDash – August 2022

• Aussies’ sensitive details at risk after global data breach | Popular food delivery service DoorDash is investigating whether credit card and contact details of Australians have been leaked.

Facebook – August 2022

• A Facebook glitch has affected users worldwide. So, what went wrong and has there been a data breach?

WA Health – August 2022

• WA Health Department apologises for monkeypox data breach of passengers on flight from Doha to Perth

• Nurse responsible for major monkeypox data breach in Perth

• Health Department under fire as personal details of monkeypox plane passengers sent out in email

Cisco – August 2022

• Hackers Breach Cisco and Steal Data, But Fail to Deploy Ransomware

Twitter – August 2022

• Twitter confirms personal details of millions of account holders compromised

• Twitter says zero-day bug leaked account data

• More than 5 million Twitter accounts impacted by recent data breach

University of Western Australia – August 2022

• Student details, photos exposed in University of WA data breach

• University of Western Australia Student Details Exposed in Data Breach

• University of Western Australia Confirms Student Details Exposed in Data Breach

• University of Western Australia: Police charge man over major UWA data breach

Neopets – July 2022

• A Hacker Is Trying to Sell Data on 69 Million Neopets Users

• The Hackers Who Breached Neopets Were Inside Its IT Systems for 18 Months

Uber – July 2022

• Uber confesses it covered up a huge data breach | Confession comes as part of DoJ settlement

• Uber settles with DOJ for failing to disclose breach that exposed 57 million users’ data

Perth Festival, Black Swan State Theatre Company – July 2022

• Perth Festival, Black Swan Theatre and other arts organisations hit by major data breach

Victorian Government – July 2022

• Students, travellers and staff exposed as Hotel Quarantine data breach revealed

Woolworths – July 2022

• Woolworths denies data breach after outraged shoppers claim Everyday Rewards hacked

Marriott – July 2022

• Marriott suffers yet another data breach

Mangatoon – July 2022

• Millions of comic book fans have data leaked after Mangatoon breach

China Police – July 2022

• Private information of more than 100 Australians exposed amid huge China police data leak

Deakin University – July 2022

• Deakin University reveals breach of 47,000 students’ details | Subset targeted with smish sent via officially-used SMS channel.

• Data on Almost 47,000 Students Exposed in Deakin Uni Breach

• Hackers target Deakin Uni

AMD – July 2022

• AMD is investigating a serious potential data breach | An attacker claims to have stolen 450Gb of sensitive data

• AMD Is Investigating a Potential Data Breach Allegedly Caused by Weak Passwords

OpenSea – July 2022

• OpenSea customers warned to stay on high alert for phishing attacks | OpenSea email database exposed by third party

• NFT giant OpenSea reports major email data breach

• OpenSea users’ email addresses leaked in data breach

• NFTs Have Been Stolen From OpenSea Users

iCare – June 2022

• iCare data breach due to ‘human error’, agency says

• iCare launches systems review after 193,000 claimants affected by privacy breach

• iCare sends private details of 193,000 workers to wrong employers

Department of Home Affairs – May 2022

• Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols

NDIS – May 2022

• Sensitive NDIS health data breached in client platform hack

• NDIS case management system provider breached | Updated: “Large volume” of sensitive health data exposed.

Spirit Super – May 2022

• Spirit Super hit by data leak, 50,000 accounts exposed

• 50,000 super fund members impacted by data breach

APAC – May 2022

• APAC organisations fail to disclose ransomware breaches

Facebook – May 2022

• Facebook’s Zuckerberg sued for data breach

• Mark Zuckerberg, head of Facebook-owner Meta, is being sued in the US over the Cambridge Analytica scandal that compromised the personal data of millions

South Australian Government – May 2022

• More than 90,000 South Australian public servants now involved in payroll data breach

National Tertiary Education Union – May 2022

• NTEU becomes victim of data breach | NTEU servers were subject to a ransomware attack, a week out from University wide-strikes

Transport for NSW – May 2022

• TfNSW hit by another data breach

• TfNSW hit by second cyber attack in less than 18 months | Confirms authorised inspection scheme system data accessed

• Data breach a Transport for NSW fail

SuperVPN, GeckoVPN, ChatVPN – April 2022

• 25 million free VPN user records exposed

Coca-Cola – April 2022

• Coca-Cola investigating potential large-scale data breach | A new threat actor claims to have stolen gigabytes of data

Top Data Breaches and Cyber Attacks of 2022

• Cybercrime is big business, and it’s already rife in 2022 – we’ve highlighted ten top cases

Panasonic – April 2022

• Panasonic hit by another major cyberattack | Almost 3GB of data taken in attack on Panasonic

Block (ASX:SQ2) – April 2022

• Block (ASX:SQ2) share price jumps 6% despite reporting a data breach

Warrnambool Council – March 2022

• Data breach was ‘not serious’

OKTA – March 2022

• Okta says third-party breach may have impacted up to 366 customers – Hackers took control of contractor’s computer

• Lapsus$ hackers exploited Okta supplier’s security lapses – Allegedly found spreadsheet with login credentials.

• Okta investigates possible data breach – May relate to third-party customer support engineer targeted in January.

• Okta confirms hundreds of customers could be affected by data breach – January 2022 breach could have affected hundreds of Okta customers

Microsoft – March 2022

• Hackers Post Images Showing Possible Microsoft Breach – The same cybercriminal group that recently breached Nvidia briefly shares a screenshot that suggests the hackers also gained access to Bing’s source code.

• Microsoft Azure DevOps targeted by hackers

• ‘Single account’ compromise led to Microsoft’s Lapsus$ code leak – Attackers were interrupted mid-operation

Ubisoft – March 2022

• Ubisoft says ‘cyber security incident’ last week shows no evidence of data breach – Ubisoft’s IT team is working with external experts to investigate the incident, which took place last week.

• Ubisoft fans need to change their passwords now – Ubisoft player data should still be safe

Nvidia – March 2022

• Over 71,000 Nvidia accounts have personal data leaked following hack

• Nvidia says employee, company information leaked online after cyber attack

• Nvidia hackers claim they also hit Vodafone, threaten data leak

• NVIDIA data breach exposed credentials of over 71,000 employees

Samsung – March 2022

• Samsung confirms data breach after hackers leak internal source code

• Hacking group allegedly leaks 190GB of data from Samsung

• Nvidia hackers hit Samsung and leak huge data dump

• Samsung hit by major data breach — Galaxy device source code stolen

• Samsung Galaxy source code targeted by Lapsus$

• Samsung confirms hack: is your TV or smartphone at risk?

Australian Data Breaches Report

• Australian data breach statistics revealed in OAIC report

Toyota Motor – March 2022

• Toyota suspends domestic factory operations after suspected cyber attack | 13,000 vehicles held up after supplier hacked

Medlab Pathology – February 2022

• Medlab Pathology discloses February data breach

• Australian Clinical Labs accused of ‘sitting on’ hack that saw patient data posted to the dark web

OAIC Report – February 2022

• Australian gov data breach numbers slip out of public view

• Latest notifiable data breaches report

NSW Government – February 2022

• Sensitive addresses among more than 500,000 leaked from NSW Government database

• NSW nurses strike as data breach defended

• Sensitive business addresses among 500,000 published in COVID data breach

News Corp – February 2022

• News Corp reports cyber data breach

• News Corp reports cyber data breach

• Chinese hackers believed to be behind News Corp data breach

CFMMEUR – February 2022

• Union fined for data centre breach

Crypto.com – January 2022

• Security News This Week: Crypto.com Finally Admits It Lost $30 Million in Hack

Red Cross Australia – January 2022

• Locations and contact data on 515,000 vulnerable people stolen in Red Cross data breach

• Australian Red Cross clients potentially caught up in international cyber attack

• Red Cross cyberattack sees data of thousands at-risk people stolen

• Red Cross Cyber Attack Exposes Data of 515,000 Vulnerable People

• Australian Red Cross warns clients of potential security breach

• Aussie Red Cross flags potential cyber breach

• Australian Red Cross clients potentially caught up in international cyber attack

• Red Cross hackers exploited Zoho vulnerability to gain entry | Accessed case files of 515,000 vulnerable people held in encrypted database

TfNSW (Accellion) – January 2022

• TfNSW finds more customers, employees impacted by Accellion breach

FlexBooker – January 2022

• Scheduling Platform FlexBooker Discloses Data Breach Affecting 3.7 Million Accounts

Bunnings – January 2022

• Bunnings private customer data exposed in data breach

• Bunnings Customer Data Breached

• Bunnings Confirms Some Customer Data Is Caught up in FlexBooker Breach

• Bunnings stresses little risk to customers from FlexBooker data leak

• Bunnings’ drive and collect customer data caught up in FlexBooker security breach on Amazon cloud

• Bunnings shoppers’ personal information potentially exposed to data security breach

• Bunnings customers caught up in international data breach