• AusPost’s bill scanner involved in Gmail privacy sweep – Works with Google to ensure API permissions aren’t revoked

ASUS – March 2019

• ASUS PC users are targeted – Users were infected via a software update
• ASUS releases a fix after malware attack – However some users were unable to update their PC

Bank of Queensland – March 2019

• The Bank of Queensland warns of a third-party data breach – The bank announced it was made aware of a breach by a third party provider

Kathmandu – March 2019

• Kathmandu credit cards were cancelled as the retailer revealed their online store was hacked
• Kathmandu flags the suspected data breach
• Data breaches have possibility to ruin customer relationships

Citrix – March 2019

• Citrix investigates major security breach and says it believes at least 6TB of data was downloaded

Melbourne Hospital – February 2019

• A cyber crime syndicate accessed the medical files of 15,000 patients at health group at Melbourne’s Cabrini Hospital
• Melbourne Heart Group hit by ransomware attack

CoffeeMeetsBagel – February 2019

• Happy Valentines Day – The dating site reveals data breach of Australian users information
• ‘Coffee Meets Bagel’ site affected by data breach

9Honey – February 2019

• The dating app reports a data breach

Toyota Australia – February 2019

• Toyota Australia was hit by a cyber attack that took down its email and other systems
• Millions of customers’ data accessed in second Toyota hack
• Toyota Australia affected by cyber attack

AMP – February 2019

• Chinese AMP contractor pleads guilty to data breach

LandMark White – February 2019

• Australian bank customers caught in data breach caused by undisclosed ‘security vulnerability’
• Home loan details of 100,000 customers hacked
• LandMark White blames exposed API for data breach – ANZ confirms it has suspended use of the property valuer
• Valuation firm hit by data breach LandMark White pleads for long share suspension
• NAB pulls plug on LandMark White as home loan breach scandal grows
• LandMark White blames ill-informed public commentary on its dark web data breach
• Centrelink keeps LandmarkWhite, says data breach hit ‘very small’ client group
• LandMark White counts cost of data breach – LandMark White still unsure of financial impact
• LandmarkWhite knew of IT weakness in 2017, a year before data breach
• Landmark White’s stolen data re-appears on dark web
• LandmarkWhite faces regulator scrutiny over IT response, disclosure
• LandMark White CEO exits after data breach – two directors step down from board

Department of Parliamentary Services – February 2019

• Security breach affects parliament’s IT network
• Political party networks caught up in the breach
• The cyber attack on Parliament was done by a ‘state actor’ 
• Citrix | Australian parliament hackers gain remote access

Bunnings – February 2019

• Bunnings staff performance database exposed on the internet

Facebook – January 2019

• Apple Shuts Down Facebook Data Collecting App
• Apple punishes Facebook over app that paid users to hand over data
• Facebook stored millions of user passwords in plain text – hundreds of millions of users to be notified
• Facebook says up to 111,813 Aussies in last year’s security breach
• Facebook’s lax security has left millions of users with a lot to worry about
• Facebook staff had access to millions of users’ passwords in plain text, violating security practices

My Health Records – January 2019

• Critics want My Health Record delayed again after recording 42 data breaches this year
• My Health Record system data reaches rise
• As My Health Record opt-out ends, security concerns continue

Global Hacking Scare – January 2019

• Global hacking scare nets Queensland MP, Surf Life Saving as millions of passwords were breached

SkoolBag – January 2019

• MOQdigital’s education software platform SkoolBag caught in global data breach

Optus – January 2019

• Optus mistakenly publishes private numbers online and in White Pages

Collection #1 – January 2019

• Breach exposes a record 773 million email addresses – The massive list was posted to a hacking forum including 21,222,975 unique passwords
• Experts comment on record data breach
• The Australian Cyber Security Centre (ACSC) warns on dark web PS data

Fisheries Queensland – January 2019

• Fisheries Qld blames bad update for password ‘fault’

First National Real Estate – January 2019

• Job applicant data exposed online
• Data breach exposes personal info of jobseekers

Department of Planning and Environment, NSW Major Projects – January 2019

• Furious Tweed Valley Hospital site protesters say their privacy has been breached after their personal details were published online without permission.

Marriott Hotel Group / Starwood – January 2019

• Marriott unsure how many millions of guests were affected by data breach
• Starwood hack exposed 5.25m unencrypted passport numbers

Early Warning Network – January 2019

• Emergency text and email service hacked, thousands receive warning messages about their personal information

Big W – January 2019

• Customer data leaked due to printer repair mishap

Hawthorn Football Club – January 2019

• Hawks warn members of security threat

Victorian Public Servants – January 2019

• Victorian Public Servants hit by massive data theft, with details of 30,000 of public servants stolen

Nova Entertainment – January 2019

• Nova notifies listeners and admits to huge data breach

The unfortunate reality is that cyber attacks will continue to grow in frequency and complexity. Organisations should accept and recognise the threat, implement ongoing training to teach employees to recognise any potential threats, adopt or tighten up data protection measures and information governance, and allocate sufficient budget to mitigate this risk.