Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Australia. Show all posts
Technology
Age Restriction Australia Facebook Instagram Meta Social Media Technology

Meta Begins Removing Under-16 Users Ahead of Australia’s New Social Media Ban

 



Meta has started taking down accounts belonging to Australians under 16 on Instagram, Facebook and Threads, beginning a week before Australia’s new age-restriction law comes into force. The company recently alerted users it believes are between 13 and 15 that their profiles would soon be shut down, and the rollout has now begun.

Current estimates suggest that a large number of accounts will be affected, including roughly hundreds of thousands across Meta’s platforms. Since Threads operates through Instagram credentials, any underage Instagram account will also lose access to Threads.

Australia’s new policy, which becomes fully active on 10 December, prevents anyone under 16 from holding an account on major social media sites. This law is the first of its kind globally. Platforms that fail to take meaningful action can face penalties reaching up to 49.5 million Australian dollars. The responsibility to monitor and enforce this age limit rests with the companies, not parents or children.

A Meta spokesperson explained that following the new rules will require ongoing adjustments, as compliance involves several layers of technology and review. The company has argued that the government should shift age verification to app stores, where users could verify their age once when downloading an app. Meta claims this would reduce the need for children to repeatedly confirm their age across multiple platforms and may better protect privacy.

Before their accounts are removed, underage users can download and store their photos, videos and messages. Those who believe Meta has made an incorrect assessment can request a review and prove their age by submitting government identification or a short video-based verification.

The new law affects a wide list of services, including Facebook, Instagram, Snapchat, TikTok, Threads, YouTube, X, Reddit, Twitch and Kick. However, platforms designed for younger audiences or tools used primarily for education, such as YouTube Kids, Google Classroom and messaging apps like WhatsApp, are not included. Authorities have also been examining whether children are shifting to lesser-known apps, and companies behind emerging platforms like Lemon8 and Yope have already begun evaluating whether they fall under the new rules.

Government officials have stated that the goal is to reduce children’s exposure to harmful online material, which includes violent content, misogynistic messages, eating disorder promotion, suicide-related material and grooming attempts. A national study reported that the vast majority of children aged 10 to 15 use social media, with many encountering unsafe or damaging content.

Critics, however, warn that age verification tools may misidentify users, create privacy risks or fail to stop determined teenagers from using alternative accounts. Others argue that removing teens from regulated platforms might push them toward unmonitored apps, reducing online safety rather than improving it.

Australian authorities expect challenges in the early weeks of implementation but maintain that the long-term goal is to reduce risks for the youngest generation of online users.



Read more »
Under-16 Ban
Age Restriction Australia Digital Wellbeing Mobile Security Social Media Ban Under-16 Ban

Australia Bans Under-16s from Social Media Starting December

 

Australia is introducing a world-first ban blocking under-16s from most major social media platforms, and Meta has begun shutting down or freezing teen accounts in advance of the law taking effect. 

From 10 December, Australians under 16 will be barred from using platforms including Instagram, Facebook, Threads, TikTok, YouTube, X, Reddit, Snapchat and others, with services facing fines up to A$50m if they do not take “reasonable steps” to keep underage users out. Prime Minister Anthony Albanese has called the measure “world-leading”, arguing it will protect children from online pressure, unwanted contact and other risks. 

Meta’s account shutdown plan

Meta has started messaging users it believes are 13–15 years old, telling them their Instagram, Facebook and Threads accounts will be deactivated from 4 December and that no new under-16 accounts can be created from that date.Affected teens are being urged to update contact details so they can be notified when eligible to rejoin and are given options to download and save their photos, videos and messages before deactivation. 

Teens who say they are old enough to stay on the platforms can challenge Meta’s decision by submitting a “video selfie” for facial age estimation or uploading a driving licence or other government ID. These and other age-assurance tools were recently tested for the government by the Australian Childrens’ eSafety provider, which concluded that no single foolproof solution exists and that each method has trade-offs.

Enforcement, concerns and workarounds

Australia’s e-Safety Commissioner says the goal is to shield teens from harm while online, but platforms warn tech-savvy young people may try to circumvent restrictions and argue instead for laws requiring parental consent for under-16s. In a related move, Roblox has said it will block under-16s from chatting with unknown adults and will introduce mandatory age verification for chat in Australia, New Zealand and the Netherlands from December before expanding globally. 

The e-Safety regulator has listed the services subject to the ban: Facebook, Instagram, Kick, Reddit, Snapchat, Threads, TikTok, X and YouTube. Exempt services include Discord, GitHub, Google Classroom, Lego Play, Messenger, Roblox, Steam and Steam Chat, WhatsApp and YouTube Kids, which are viewed as either educational, messaging-focused or more controlled environments for younger users.
Read more »
Ransomware attack
Australia Cyber Attacks pharma scam Ransomware attack

Toowoomba Pharmacy Targeted in Ransomware Attack

A pharmacy in Toowoomba, Queensland, has become the latest victim of a ransomware attack, highlighting growing concerns about the digital vulnerability of small businesses. 

The incident occurred last month when hackers gained access to the Friendlies Society Dispensary’s private IT systems. Authorities believe sensitive data stored on the system may have been compromised. 

A coordinated investigation is now underway, involving the National Office of Cyber Security, the Australian Cyber Security Centre, Services Australia, Queensland Health, the National Disability Insurance Agency, and the Department of Home Affairs. 

Bayden Johnson, Chief Executive Officer of the Friendlies Society Dispensary, said the organisation acted quickly once the attack was detected. “We immediately took steps to secure our systems and understand the nature of the incident,” he said. “Our priority now is to determine what information was accessed and ensure all necessary precautions are taken.” 

The pharmacy, which offers healthcare services and mobility support equipment, is cooperating fully with federal authorities. The Department of Home Affairs stated that Services Australia’s systems remain secure and were not affected by the breach. It added that ongoing monitoring is being carried out to detect any irregular activity. 

According to the Australian Signals Directorate (ASD), ransomware incidents account for 11 percent of all reported cyberattacks in the country. 

The ASD’s 2023–24 Annual Cyber Threat Report revealed that a cybercrime report is lodged roughly every six minutes, with small businesses reporting an average loss of $49,600 per attack. 

Associate Professor Saeed Akhlaghpour from the University of Queensland’s Cyber Research Centre said cybercriminals are constantly evolving their tactics. “Attackers are no longer just locking files; they are also stealing and leaking data. Ransomware can even be delivered through browsers, apps, or malicious file uploads,” he explained. 

Dr Akhlaghpour, who researches cybersecurity risks in the healthcare sector, said health organisations such as pharmacies, medical practices, and gyms often face higher risks due to inconsistent monitoring and handling of sensitive information. 

He noted that human error is still the leading cause of ransomware attacks, as employees often reuse passwords or click on unsafe links in haste. With the rise of AI-powered tools that make it easier for criminals to conduct large-scale attacks, he urged small business owners to invest in better cybersecurity systems and response plans. 

“Many breaches occur because of poor risk management and the absence of a clear response strategy,” he said. “Regular monitoring can prevent many of these problems.” 

Dr Akhlaghpour also advised businesses not to pay ransoms if they fall victim to an attack. “You cannot trust criminals. Paying the ransom rarely restores data and often leads to further targeting. Stolen data is frequently resold on the dark web,” he warned. 

Authorities continue to monitor the situation in Toowoomba as cybersecurity experts remind small business owners across Australia to take preventive measures and strengthen their defences against the growing threat of ransomware.
Read more »
TPG
Australia Bank Credentials Breaches Dara Breach phishing Sensitive data Telecom TPG

Aussie Telecom Breach Raises Alarm Over Customer Data Safety

 




A recent cyberattack on TPG Telecom has reignited concerns about how safe personal information really is in the hands of major companies. What the provider initially downplayed as a “limited” incident has in fact left hundreds of thousands of customers vulnerable to online scams.

The intrusion was uncovered on August 16, when unusual activity was detected in the systems of iiNet, one of TPG’s subsidiary brands. Hackers were able to get inside by misusing stolen employee logins, which granted access to iiNet’s order management platform. This internal tool is mainly used to handle service requests, but it contained far more sensitive data than many would expect.


Investigators now estimate that the attackers walked away with:

• Roughly 280,000 email addresses linked to iiNet accounts

• Close to 20,000 landline phone numbers

• Around 10,000 customer names, addresses, and contact details

• About 1,700 modem setup credentials


Although no banking details or government ID documents were exposed, cybersecurity experts caution that this type of information is highly valuable for criminals. Email addresses and phone numbers can be exploited to craft convincing phishing campaigns, while stolen modem passwords could give attackers the chance to install malware or hijack internet connections.

TPG has apologised for the breach and is reaching out directly to customers whose details were involved. Those not affected are also being notified for reassurance. So far, there have been no confirmed reports of the stolen records being used maliciously.

Even so, the risks are far from minor. Phishing messages that appear to come from trusted sources can lead victims to unknowingly share bank credentials, install harmful software, or hand over personal details that enable identity theft. As a result, affected customers are being urged to remain alert, treat incoming emails with suspicion, and update passwords wherever possible, especially on home modems.

The company has said it is cooperating with regulators and tightening its security protocols. But the case underlines a growing reality: personal data does not need to include credit card numbers to become a target. Seemingly routine details, when collected in bulk, can still provide criminals with the tools they need to run scams.

As cyberattacks grow more frequent, customers are left with the burden of vigilance, while companies face rising pressure to prove that “limited” breaches do not translate into large-scale risks.



Read more »
Qantas Airways
Australia Cyber Attacks Data Leak OAIC Personal Data Qantas Airways

Qantas Investigates Cyber Attack That May Have Affected Millions of Customers

 



Qantas Airways has revealed that a cyber attack on one of its third-party service platforms may have compromised the personal data of up to six million customers. The breach was linked to a customer service tool used by a Qantas-operated call centre, and the airline confirmed that suspicious activity was detected earlier this week.

In an official statement, Qantas said a malicious actor gained access to this external platform, but the intrusion has since been contained. Investigations are ongoing to determine how much customer data was exposed, though initial findings suggest the impact could be significant.

The company confirmed that the exposed information may include customer names, contact numbers, email addresses, dates of birth, and frequent flyer membership numbers. However, Qantas clarified that no financial data—such as credit card details, bank information, or passport numbers—was stored on the affected system.

The airline also confirmed that sensitive account credentials, such as passwords, login PINs, and security information, were not accessed. Flight operations and the safety of air travel have not been affected by this breach.

Qantas Group CEO Vanessa Hudson addressed the incident, expressing regret over the situation. “Our customers place their trust in us to protect their personal data, and we deeply regret that this has occurred. We are contacting affected individuals directly and are committed to offering them full support,” she said.

To assist impacted customers, Qantas has launched a dedicated help centre offering expert guidance on identity protection. The support service is reachable at 1800 971 541 or +61 2 8028 0534 for international callers. Customers with upcoming flights have been assured that they do not need to take any action regarding their bookings.

Australian authorities have been notified, including the Australian Cyber Security Centre, the Office of the Australian Information Commissioner (OAIC), and the Australian Federal Police. Qantas has pledged full cooperation with the agencies involved in the investigation.

Shadow Minister for Cyber Security Melissa Price commented on the breach during an interview with ABC, calling it a serious wake-up call for all Australian companies. She emphasized the need for transparency and continuous updates to the public when incidents of this scale occur.

This breach adds to a growing list of cybersecurity incidents in Australia. Other major organizations, including AustralianSuper and Nine Media, have also suffered data leaks in recent months.

Earlier this year, the OAIC reported that 2024 saw the highest number of recorded data breaches since tracking began in 2018. Australian Privacy Commissioner Carly Kind warned that the risks posed by cyber threats are growing and called on both private companies and public agencies to strengthen their defences.

As data breaches become more frequent and complex, cybersecurity remains a critical issue for businesses and consumers alike.

Read more »
Employee Data
Australia Australian Businesses Cybersecurity Researchers Data Breach Data Leak data security Database Leaked Database Security Employee Data

Sydney Tools Data Leak Exposes Millions of Customer and Employee Records

 

A major data leak from Sydney Tools, an Australian retailer specializing in power tools, hand tools, and industrial equipment, has potentially exposed the personal information of millions of customers and employees. The breach, discovered by cybersecurity researchers at Cybernews, involved an unprotected Clickhouse database that remained publicly accessible online, allowing unauthorized individuals to view sensitive data.  

According to the report, the database contained more than 5,000 records related to Sydney Tools employees, including both current and former staff. These records included full names, branch locations, salary details, and sales targets. Given that Sydney Tools reportedly employs around 1,000 people, a large portion of the exposed records likely belong to individuals who no longer work for the company. While no banking details were included in the leak, the exposure of employee information still poses a significant security risk. 

Cybercriminals could use these details to craft convincing phishing scams or for identity theft. Beyond employee data, the breach also exposed an even larger volume of customer information. The database reportedly contained over 34 million online purchase records, revealing customer names, email addresses, phone numbers, home addresses, and details of purchased items. The exposure of this information is particularly concerning, as it not only compromises privacy but also increases the risk of targeted scams. 

Customers who purchased expensive tools and equipment may be especially vulnerable to fraud or burglary attempts. Cybernews researchers have expressed serious concerns over the extent of the breach, highlighting that the database includes a mix of personally identifiable information (PII) and financial details. This kind of information is highly valuable to cybercriminals, who can exploit it for various fraudulent activities. The researchers attempted to notify Sydney Tools about the security lapse, urging them to secure the exposed database. 

However, as of their last update, the data reportedly remained accessible, raising further concerns about the company’s response to the issue. This incident underscores the ongoing risks posed by unprotected databases, which continue to be one of the leading causes of data breaches. Companies handling large volumes of customer and employee information must prioritize data security by implementing robust protection measures, such as encryption, multi-factor authentication, and regular security audits. Failing to do so not only puts individuals at risk but also exposes businesses to legal and reputational damage. 

With cybersecurity threats on the rise, organizations must remain vigilant in safeguarding sensitive information. Until Sydney Tools secures the database and provides assurances about how it will handle data protection in the future, customers and employees should remain cautious and monitor their accounts for any suspicious activity.
Read more »
Hacking
Australia Cyber Attacks cyberattack news data stealing Hacking

University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything

 



A cybercriminal group known as Fog Ransomware has claimed responsibility for a cyberattack on the University of Notre Dame in Perth, Australia. According to reports, the group has allegedly stolen 62.2GB of sensitive data, including student medical records, staff and student contact information, and confidential documents.  


Hackers Announce Data Theft on the Dark Web  

The university was first alerted to a cybersecurity breach in January 2025. Recently, technology news sources revealed that Fog Ransomware had posted details of the attack on its dark web leak site. The group claimed to have accessed and stolen a large amount of private and institutional information.  

As of now, the hackers have not made any ransom demands or issued a deadline for payment. Cybersecurity experts believe that this group has a history of targeting educational and recreational institutions worldwide.  


How the Attack Has Affected the University  

The cyberattack has disrupted essential university operations, making it difficult for students and staff to access key services. Some of the areas impacted include:  

1. Payroll and leave management – Employees have been unable to process payments and leave applications as usual. Temporary manual processes have been put in place.  

2. Student enrolments and timetables – Many students have struggled to access their class schedules and register for courses.  

3. Communication services – Internet and email systems have also been affected, causing delays in official university communication.  

University official Patrick Hampton, who is both the Deputy Head of Education and President of the National Tertiary Education Union WA Notre Dame branch, stated that the attack had disrupted critical functions necessary for the university’s daily operations. He also emphasized that staff and students need additional support to cope with these challenges.  


Uncertainty Over the Full Extent of the Data Breach  

At this stage, the university has not been able to confirm exactly what data has been stolen. A spokesperson explained that while primary systems handling student records, finance, and human resources appear secure, some separately stored data might have been compromised.  

To assess the situation, the university has engaged international cybersecurity experts and is working to determine the extent of the breach. Officials have assured that if any personal data is found to be affected, the university will notify those impacted as soon as possible.  


Response and Future Actions

The incident has been reported to the Australian Cyber Security Centre (ACSC), and the university is taking necessary precautions to strengthen its security measures. Despite the ongoing challenges, the university has confirmed that classes for the 2025 academic year will begin as scheduled.  

Meanwhile, the staff union is pushing for greater transparency from the university administration. They are demanding that university leadership keep staff and students fully informed about what data has been compromised and provide assurances about data protection measures moving forward.  

This attack is a reminder of the increasing cybersecurity threats faced by educational institutions. Universities hold vast amounts of sensitive student and staff data, making them prime targets for cybercriminals. 

Read more »
Medical Data
Australia Data Breach Fertility Clinic Genea IVF Firm Medical Data

Australian IVF Giant Genea Suffers Data Breach Following Cyber Incident

 

A leading Australian IVF clinic suspects personal patient information may have been compromised during a cyber attack earlier this month. 

On February 14, Genea suspended several services and launched an inquiry into suspicious activity discovered on its network. In an update, the health service provider stated, we now believe the attacker may have accessed and stolen personal information that we hold. 

“Our investigation has identified that Genea’s patient management systems, which contain information about you, was accessed by an unauthorised third party,” Genea told patients. “We stress that at this point in time it is unknown what personal information within the folders on the patient management system has been compromised.” 

The patient management system includes a goldmine of information, including names, emails, phone numbers, Medicare and private health insurance details, medical history, prescriptions, test results, and doctor's notes. 

“At this stage there is no evidence that any financial information such as credit card details or bank account numbers have been impacted by this incident,” Genea noted. “The investigation is however ongoing, and we will keep you updated of any relevant further findings should they come to light.” 

The IVF service claimed to have notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner (OAIC). It will also meet with both the latter and the National Office of Cyber Security to "discuss the incident". 

Given that the theft involves personal information that potentially causes harm to those it was stolen from, the OAIC will ensure Genea ticks all of the boxes under the notifiable data breaches program. 

After several patients reported that the company's phone lines were down and that there were issues with its app and emails, Genea said last week that it had been obliged to take some systems and services offline "out of an abundance of caution" as it investigated the incident. 

Patients should be on the lookout for unusual emails, texts, phone calls, and "any other attempts that might relate to possible identity theft or fraud using your personal information". Genea, established in 1986 by Professor Robert Jansen, is one of Australia's top three IVF providers, with thousands of patients and 21 facilities across the country.
Read more »
Subscribe to: Comments (Atom)