Security News

Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services.Medibank Private Limited is one of Australia's largest private health insurance providers, covering over 3.7 million people and having 4,000 employees.

Identities of secret agents working for the Australian Federal Police have been exposed after hackers leaked documents stolen from the Colombian government. The leak comes from a hacktivist group called Guacamaya and includes more than five terabytes of classified data, including emails, documents, and methods AFP agents were using to stop drug cartels from running their business in Australia.

Aussie police have cuffed a 19-year-old Sydney resident accused of trying to extort money from victims of the recent cyberattack and digital burglary at national telecommunications provider Optus. The Australian Federal Police said today it was alerted to the blackmail attempt when some Optus customers were told to transfer AU$2,000 to a bank account or have their personal data used for financial crimes.

Australian telecom giant Optus on Monday confirmed that nearly 2.1 million of its current and former customers suffered a leak of their personal information and at least one form of identification number as a result of a data breach late last month. "Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised," Singtel said in an announcement made on its website.

Australian telecommunications company Optus has fallen victim to a significant cyberattack and data breach. Coming clean on Thursday, Optus said the attack exposed information including customers' names, dates of birth, phone numbers, email addresses, and - for some - physical addresses, ID document numbers such as driving license or passport numbers.

The campaign, active from April to June of this year, targeted Australian government agencies, Australian media companies and manufacturers who conduct maintenance on wind turbine fleets in the South China Sea. According to the researchers, victims were sent phishing emails that directed them to faked versions of Australian news outlets The Herald Sun and The Australian.

China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. Victims landed on the fraudulent site after receiving phishing emails with enticing lures and received a malicious JavaScript payload from the ScanBox reconnaissance framework.

A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. "The Frankston man engaged with a network of individuals and sold the spyware, named Imminent Monitor, to more than 14,500 individuals across 128 countries," the Australian Federal Police alleged in a press release over the weekend.

The report, titled Technology-facilitated abuse: National survey of Australian adults' experiences [PDF], used a sample of 4,562 subjects and found that approximately one in three TFA victimization experiences occurred "In a current or former intimate partner relationship." Australians with a disability, the LGBTQ+ community, and indigenous Australians were more likely to have experienced TFA than other groups. "We have no constraints within the company which precludes anyone from choosing what they want to do and we've had extensive discussions and meetings with the appropriate authorities," said the CEO. Labor rights organization Nascent Information Technology Employees Senate told The Register Parekh's comments were "Misleading."

New South Wales, Australia's most populous state, launched its DDL program in 2019, and as of 2021 officials there said that slightly more than half of the state's eight million people use the "Service NSW" app that displays the DDL and offers access to many other government services. "The DDL is hosted securely on the new Service NSW app, locks with a PIN and can be accessed offline. It will provide additional levels of security and protection against identity fraud, compared to the plastic driver licence," NSW Minister for Customer Service Victor Dominello said in 2019 when the service launched.