Australian Data Breaches so far in 2022

Each year in Australia there are thousands of cyber breaches to businesses. Some will get headlines, some go unnoticed but every single Australian will be effected at one stage or another.

Here’s a “short” list of some data breaches that effected Australians in 2022… And we still have a few months to go…

Microsoft – October 2022

• Microsoft data breach exposes customers’ contact info, emails

AFP – October 2022

• AFP classified documents hacked in data leak, exposing agents fighting drug cartels

Vinomofo – October 2022

• Online wine seller Vinomofo hit in major data breach

Medibank – October 2022

• Medibank admits personal data stolen in cyber attack

Woolworths MyDeal – October 2022

• Woolworths says data of 2.2 million customers of its MyDeal website has been exposed

Optus – September 2022

• Optus attack exposes customer information | Personal details of 1.1 million customers purportedly offered for sale.

Uber – September 2022

• Teen hacker gets into Uber, announces data breach on chat software Company forced to shut internal communications and engineering systems.

Fremantle Football Club – September 2022

• Fremantle apologise for AFL data breach

TikTok – September 2022

• TikTok Hacked, Denies Security Breach Allegations

LastPass – August 2022

• Password manager company LastPass reports major security breach | The company – which has more than 25 million users – says hackers stole parts of its source code and other sensitive data but it says no user data was compromised

DoorDash – August 2022

• Aussies’ sensitive details at risk after global data breach | Popular food delivery service DoorDash is investigating whether credit card and contact details of Australians have been leaked.

Facebook – August 2022

• A Facebook glitch has affected users worldwide

WA Health – August 2022

• Health Department under fire as personal details of monkeypox plane passengers sent out in email

Cisco – August 2022

• Hackers Breach Cisco and Steal Data, But Fail to Deploy Ransomware

Twitter – August 2022

• More than 5 million Twitter accounts impacted by recent data breach

University of Western Australia – August 2022

• University of Western Australia Confirms Student Details Exposed in Data Breach

Uber – July 2022

• Uber settles with DOJ for failing to disclose breach that exposed 57 million users’ data

Perth Festival, Black Swan State Theatre Company – July 2022

• Perth Festival, Black Swan Theatre and other arts organisations hit by major data breach

Victorian Government – July 2022

• Students, travellers and staff exposed as Hotel Quarantine data breach revealed

Woolworths – July 2022

• Woolworths denies data breach after outraged shoppers claim Everyday Rewards hacked

Marriott – July 2022

• Marriott suffers yet another data breach

Mangatoon – July 2022

• Millions of comic book fans have data leaked after Mangatoon breach

China Police – July 2022

• Private information of more than 100 Australians exposed amid huge China police data leak

Deakin University – July 2022

• Data on Almost 47,000 Students Exposed in Deakin Uni Breach

AMD – July 2022

• AMD Is Investigating a Potential Data Breach Allegedly Caused by Weak Passwords

OpenSea – July 2022

• NFT giant OpenSea reports major email data breach

iCare – June 2022

• iCare data breach due to ‘human error’, agency says
• iCare sends private details of 193,000 workers to wrong employers

Department of Home Affairs – May 2022

• Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols

NDIS – May 2022

• Sensitive NDIS health data breached in client platform hack
• NDIS case management system provider breached | Updated: “Large volume” of sensitive health data exposed.

Spirit Super – May 2022

• 50,000 super fund members impacted by data breach

APAC – May 2022

• APAC organisations fail to disclose ransomware breaches

Facebook – May 2022

• Mark Zuckerberg, head of Facebook-owner Meta, is being sued in the US over the Cambridge Analytica scandal that compromised the personal data of millions

South Australian Government – May 2022

• More than 90,000 South Australian public servants now involved in payroll data breach

National Tertiary Education Union – May 2022

• NTEU becomes victim of data breach | NTEU servers were subject to a ransomware attack, a week out from University wide-strikes

Transport for NSW – May 2022

• TfNSW hit by second cyber attack in less than 18 months | Confirms authorised inspection scheme system data accessed

Coca-Cola – April 2022

• Coca-Cola investigating potential large-scale data breach | A new threat actor claims to have stolen gigabytes of data

Panasonic – April 2022

• Panasonic hit by another major cyberattack | Almost 3GB of data taken in attack on Panasonic

Block (ASX:SQ2) – April 2022

• Block (ASX:SQ2) share price jumps 6% despite reporting a data breach

Warrnambool Council – March 2022

• Data breach was ‘not serious’

OKTA – March 2022

• Okta confirms hundreds of customers could be affected by data breach – January 2022 breach could have affected hundreds of Okta customers

Microsoft – March 2022

• Hackers Post Images Showing Possible Microsoft Breach – The same cybercriminal group that recently breached Nvidia briefly shares a screenshot that suggests the hackers also gained access to Bing’s source code.
• ‘Single account’ compromise led to Microsoft’s Lapsus$ code leak – Attackers were interrupted mid-operation

Ubisoft – March 2022

• Ubisoft says ‘cyber security incident’ last week shows no evidence of data breach – Ubisoft’s IT team is working with external experts to investigate the incident, which took place last week.

Nvidia – March 2022

• Over 71,000 Nvidia accounts have personal data leaked following hack
• Nvidia hackers claim they also hit Vodafone, threaten data leak

Samsung – March 2022

• Samsung confirms data breach after hackers leak internal source code
• Nvidia hackers hit Samsung and leak huge data dump

Toyota Motor – March 2022

• Toyota suspends domestic factory operations after suspected cyber attack | 13,000 vehicles held up after supplier hacked

OAIC Report – February 2022

• Australian gov data breach numbers slip out of public view
• Latest notifiable data breaches report

NSW Government – February 2022

• Sensitive addresses among more than 500,000 leaked from NSW Government database
• Sensitive business addresses among 500,000 published in COVID data breach

News Corp – February 2022

• Chinese hackers believed to be behind News Corp data breach

CFMMEUR – February 2022

• Union fined for data centre breach

Red Cross Australia – January 2022

• Locations and contact data on 515,000 vulnerable people stolen in Red Cross data breach
• Red Cross hackers exploited Zoho vulnerability to gain entry | Accessed case files of 515,000 vulnerable people held in encrypted database

TfNSW (Accellion) – January 2022

• TfNSW finds more customers, employees impacted by Accellion breach

FlexBooker – January 2022

• Scheduling Platform FlexBooker Discloses Data Breach Affecting 3.7 Million Accounts

Bunnings – January 2022

• Bunnings Confirms Some Customer Data Is Caught up in FlexBooker Breach
• Bunnings shoppers’ personal information potentially exposed to data security breach