Cybersecurity Weekly Roundup - Australia
AusCyber
June 7, 2024
Welcome to this week's edition of the Cybersecurity Weekly Roundup, where we cover the latest cyber incidents affecting Australian companies. Here's what you need to know:
1. Cyber Attack on Northern Minerals Amid Chinese Investor Divestment
Northern Minerals, aiming to be a significant rare earth producer, has been hit by a cyber attack as Treasurer Jim Chalmers orders Chinese investors to divest. The hacker group BianLian claimed responsibility, compromising corporate, financial, and personal data. The company is notifying affected individuals and strengthening security measures.
2. Patties Foods Data Breach Exposes Customer Information
Patties Foods experienced a major data breach with 524,000 documents exposed, including system logs and invoices. Discovered by cybersecurity researcher Jeremiah Fowler, the breach could lead to invoice fraud. The company has secured the databases and is taking steps to protect customers.
3. Hackers Breach Victorian Freight Specialists, Steal 846 GB of Data
The hacker group GhostR claims to have stolen 846 GB of data from Victorian Freight Specialists. The breach includes internal data from an SQL database and logon screenshots. Known for cyber extortion, GhostR continues to target high-profile organizations. Companies are advised to enhance their cybersecurity measures.
4. Facebook Introduces Yoti Age Estimation in Australia
Meta is rolling out age verification on Facebook using Yoti's biometric facial age estimation. Users changing their age from under 18 to older must verify through Yoti or submit an ID. This follows a successful implementation on Instagram, aimed at ensuring age-appropriate experiences.
5. Medibank Faces Legal Action Over 2022 Data Breach
Medibank is under legal scrutiny for a 2022 data breach that exposed the personal information of 9.7 million Australians. The Office of the Australian Information Commissioner has initiated civil penalty proceedings, accusing Medibank of failing to protect sensitive data. The breach included health claims and passport numbers, with remediation costs expected to exceed $45 million.
6. Ticketek Customer Details Exposed in Cybersecurity Breach
Ticketek has suffered a data breach involving a third-party cloud platform, exposing names, dates of birth, and email addresses of Australian customers. The breach is linked to US-based cloud storage company Snowflake. Ticketek assures that passwords and credit card information remain secure and is notifying affected customers.
7. Panasonic Australia Listed as Victim of Akira Ransom Group
Panasonic Australia has been listed as a victim by the Akira ransomware group. Details of the breach are still emerging, but the incident underscores the increasing threat of ransomware attacks on major companies.
Affected Companies This Week:
Northern Minerals
Patties Foods
Victorian Freight Specialists
Ticketek
Panasonic Australia
Stay safe and informed. For more updates and detailed analysis, follow our community at r/AusCyber and subscribe to our alerts.
AusCyber