
University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything

 



A cybercriminal group known as Fog Ransomware has claimed responsibility for a cyberattack on the University of Notre Dame in Perth, Australia. According to reports, the group has allegedly stolen 62.2GB of sensitive data, including student medical records, staff and student contact information, and confidential documents.  


Hackers Announce Data Theft on the Dark Web  

The university was first alerted to a cybersecurity breach in January 2025. Recently, technology news sources revealed that Fog Ransomware had posted details of the attack on its dark web leak site. The group claimed to have accessed and stolen a large amount of private and institutional information.  

As of now, the hackers have not made any ransom demands or issued a deadline for payment. Cybersecurity experts believe that this group has a history of targeting educational and recreational institutions worldwide.  


How the Attack Has Affected the University  

The cyberattack has disrupted essential university operations, making it difficult for students and staff to access key services. Some of the areas impacted include:  

1. Payroll and leave management – Employees have been unable to process payments and leave applications as usual. Temporary manual processes have been put in place.  

2. Student enrolments and timetables – Many students have struggled to access their class schedules and register for courses.  

3. Communication services – Internet and email systems have also been affected, causing delays in official university communication.  

University official Patrick Hampton, who is both the Deputy Head of Education and President of the National Tertiary Education Union WA Notre Dame branch, stated that the attack had disrupted critical functions necessary for the university’s daily operations. He also emphasized that staff and students need additional support to cope with these challenges.  


Uncertainty Over the Full Extent of the Data Breach  

At this stage, the university has not been able to confirm exactly what data has been stolen. A spokesperson explained that while primary systems handling student records, finance, and human resources appear secure, some separately stored data might have been compromised.  

To assess the situation, the university has engaged international cybersecurity experts and is working to determine the extent of the breach. Officials have assured that if any personal data is found to be affected, the university will notify those impacted as soon as possible.  


Response and Future Actions

The incident has been reported to the Australian Cyber Security Centre (ACSC), and the university is taking necessary precautions to strengthen its security measures. Despite the ongoing challenges, the university has confirmed that classes for the 2025 academic year will begin as scheduled.  

Meanwhile, the staff union is pushing for greater transparency from the university administration. They are demanding that university leadership keep staff and students fully informed about what data has been compromised and provide assurances about data protection measures moving forward.  

This attack is a reminder of the increasing cybersecurity threats faced by educational institutions. Universities hold vast amounts of sensitive student and staff data, making them prime targets for cybercriminals. 

Australian IVF Giant Genea Suffers Data Breach Following Cyber Incident

 

A leading Australian IVF clinic suspects personal patient information may have been compromised during a cyber attack earlier this month. 

On February 14, Genea suspended several services and launched an inquiry into suspicious activity discovered on its network. In an update, the health service provider stated, "we now believe the attacker may have accessed and stolen personal information that we hold."

“Our investigation has identified that Genea’s patient management systems, which contain information about you, was accessed by an unauthorised third party,” Genea told patients. “We stress that at this point in time it is unknown what personal information within the folders on the patient management system has been compromised.” 

The patient management system includes a goldmine of information, including names, emails, phone numbers, Medicare and private health insurance details, medical history, prescriptions, test results, and doctor's notes. 

“At this stage there is no evidence that any financial information such as credit card details or bank account numbers have been impacted by this incident,” Genea noted. “The investigation is however ongoing, and we will keep you updated of any relevant further findings should they come to light.” 

The IVF service claimed to have notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner (OAIC). It will also meet with both the latter and the National Office of Cyber Security to "discuss the incident". 

Given that the theft involves personal information that potentially causes harm to those it was stolen from, the OAIC will ensure Genea ticks all of the boxes under the notifiable data breaches program. 

After several patients reported that the company's phone lines were down and that there were issues with its app and emails, Genea said last week that it had been obliged to take some systems and services offline "out of an abundance of caution" as it investigated the incident. 

Patients should be on the lookout for unusual emails, texts, phone calls, and "any other attempts that might relate to possible identity theft or fraud using your personal information". Genea, established in 1986 by Professor Robert Jansen, is one of Australia's top three IVF providers, with thousands of patients and 21 facilities across the country.

Scammers Use Fake Centrelink Promises to Target Australians Online

 

Australians have been cautioned about a recent wave of scam websites falsely advertising significant Centrelink payments. These sites promise financial boosts, sometimes hundreds or thousands of dollars, to low-income residents and seniors, exploiting people facing financial challenges. Fraudsters create convincing websites that mimic government agencies like Centrelink, Services Australia, and myGov, claiming these funds are aimed at helping Australians manage the rising cost of living. To create legitimacy, scammers have designed sites that appear to offer eligibility checks, which are actually tactics to gather personal details.

These scams largely stem from international sources, including countries like India, and often display website URLs ending in “.in” instead of “.gov.au,” an indicator of their inauthenticity. If Australians are lured into these sites, they might be asked to enter personal information, leading to risks of identity theft, unauthorized access to accounts, or financial loss. Scammers also contact victims through text messages, emails, and even direct calls, adding urgency by claiming that immediate action is required to avoid consequences such as account closures or legal threats. The National Anti-Scam Centre has warned users not to trust unsolicited links or messages, as legitimate government organizations do not send out emails or texts asking for login credentials. 

To safeguard against these scams, Australians should only rely on official government websites such as servicesaustralia.gov.au and my.gov.au, as these sites have secure government domains that are easily recognizable. If users are unsure about a message or website, they should verify through official contact channels or report the suspected scam to authorities. Fake Centrelink promises have targeted people’s vulnerabilities by exploiting the challenging economic conditions many Australians currently face. As such, the National Anti-Scam Centre and Services Australia have been actively educating citizens on how to spot fake offers. Scams typically feature enticing language, such as “life-changing benefits,” or make claims about “one-off payments” to attract attention. 

Although these offers may sound appealing, it’s essential to remember that if a promise sounds too good to be true, it likely is. Identifying and reporting such scams can help prevent others from falling victim to these frauds. Authorities urge everyone to double-check website URLs, avoid clicking on suspicious links, and never disclose personal information to unverified sources. The Australian government has intensified efforts to address these scams, working to identify, block, and take down fraudulent sites where possible. While scammers’ techniques evolve, Australians can protect themselves by staying informed, cautious, and vigilant.
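The advice above to double-check website URLs can be automated for a help desk or mail filter. The following Python sketch is an added example, not code from the article or from any government agency: it compares a link's real hostname against the two official domains the article names and flags links that only mention an official name elsewhere in the URL. The brand-token list and all sample URLs are constructed for illustration.

```python
from typing import Optional
from urllib.parse import urlsplit

# Official domains named in the article.
OFFICIAL_DOMAINS = ("servicesaustralia.gov.au", "my.gov.au")

# Assumption: strings a scam link is likely to contain to look official.
BRAND_TOKENS = ("centrelink", "mygov", "my.gov.au", "servicesaustralia")


def hostname_of(url: str) -> Optional[str]:
    """Return the normalised hostname of a URL, or None if it has none."""
    if "://" not in url:
        url = "https://" + url  # accept bare "my.gov.au/login" style input
    try:
        host = urlsplit(url).hostname  # excludes userinfo and port
    except ValueError:
        return None
    if not host:
        return None
    # Hostnames are case-insensitive and may carry a trailing root dot.
    return host.rstrip(".").lower()


def classify(url: str) -> str:
    """Classify a link as 'official', 'lookalike', 'unofficial' or 'invalid'."""
    host = hostname_of(url)
    if host is None:
        return "invalid"
    for domain in OFFICIAL_DOMAINS:
        # Exact match or a true subdomain; a bare suffix test without the
        # leading dot would wrongly accept hosts such as "notmy.gov.au".
        if host == domain or host.endswith("." + domain):
            return "official"
    # The official name appears somewhere in the URL (userinfo, a left-hand
    # label, the path) but the host that is actually contacted is not official.
    lowered = url.lower()
    if any(token in lowered for token in BRAND_TOKENS):
        return "lookalike"
    return "unofficial"


# Constructed sample links; none of these come from the article.
SAMPLES = [
    "https://www.servicesaustralia.gov.au/centrelink",
    "HTTPS://My.Gov.Au./",
    "https://my.gov.au@centrelink-payments.example.in/",
    "https://my.gov.au.benefit-check.example.in/eligibility",
    "https://weather.example.in/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):10} {sample}")
```

The third and fourth samples show why reading only the start of a link is not enough: the official name sits in the userinfo part or in the left-hand labels, while the host that is contacted ends in `.in`.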

Avoid Evil Twin Attacks: Hackers Target Public Wi-Fi in Airports and Coffee Shops

 

Travelers have long been warned about the dangers of public Wi-Fi, especially in places like airports, where lax security makes them a hacker’s playground. A recent arrest in Australia has drawn attention to the resurgence of “evil twin” attacks, where cybercriminals set up fake Wi-Fi networks to steal login credentials. This type of cybercrime, known as a “Man in the Middle” attack, allows hackers to create a seemingly legitimate Wi-Fi network that unsuspecting users connect to, unknowingly handing over personal information. 

The Australian case involved a man who set up fake Wi-Fi networks at airports and on domestic flights to steal credentials. Hackers like him can easily disguise their operations with small devices, hidden in plain sight, that mimic legitimate networks. Travelers, eager for free Wi-Fi, often overlook warning signs and quickly connect without verifying the network’s authenticity. Once connected, they enter their credentials on fake login pages designed to collect sensitive information. The ease of executing these attacks, combined with users’ familiarity with free Wi-Fi, makes evil twin attacks increasingly common. 

Hackers don’t need high-tech equipment or skills—just motivation and a basic understanding of how to set up a convincing rogue network. Once personal details are collected, they can be used for further exploitation, like accessing social media or bank accounts. To protect against evil twin attacks, experts recommend using mobile hotspots instead of public Wi-Fi. By creating your own hotspot, you control the network and can set a secure password. A VPN is another helpful tool, as it encrypts data, making it unreadable even if intercepted. For travelers unable to avoid public Wi-Fi, it’s essential to be cautious, verify network names, and avoid entering sensitive information on unfamiliar networks. 

The Australian case highlights how few cybercriminals are caught, despite the frequent occurrence of evil twin attacks. Airlines and airports are not always equipped to handle such threats, so it falls on travelers to take responsibility for their own cybersecurity. In this case, the attacker managed to steal dozens of credentials before being apprehended, a rarity in the world of cybercrime.  

With public Wi-Fi so widely available and used, it’s critical for travelers to remain vigilant. Hackers only need a small percentage of users to fall for their trap to succeed. Next time you find yourself at an airport, think twice before connecting to free Wi-Fi—it might just be safer to bring your own network.

Small Trade Businesses Urged to Strengthen Security After Total Tools Data Breach

 

Small trade businesses are on high alert following a significant data breach at Total Tools, a major Australian hardware retailer, which exposed sensitive information of over 38,000 customers. This breach compromised customer names, credit card details, email addresses, passwords, mobile numbers, and shipping addresses, making small trade businesses potential targets for secondary cyberattacks. 

The CEO of the Council of Small Business Organisations Australia (COSBOA), Luke Achterstraat, emphasized the importance of heightened vigilance for businesses, especially those in the construction and trades sector, as they face increased risks of cyber threats. Achterstraat urged all businesses with online hardware accounts to monitor for any unusual activity in the coming days and weeks. He stressed the importance of protecting sensitive data, finances, and client information from potential scams and fraud. COSBOA recommends that businesses immediately review their security protocols, change all passwords linked to Total Tools accounts, and enable two-factor authentication where possible to minimize the risk of unauthorized access.

To further support small businesses, COSBOA is promoting the Cyber Wardens program, a free eLearning initiative funded by the Federal Government. This program is designed to help small businesses and their employees fortify their digital defenses against cyber threats, equipping them with the knowledge to identify and prevent cyberattacks. COSBOA has partnered with industry bodies such as the Master Builders Association, the National Timber and Hardware Association, and the Master Grocers Association to ensure that small businesses across Australia have access to the necessary resources to safeguard against cybercrime. 

With cyberattacks on the rise, especially in sectors like construction and trades, small businesses must stay informed and prepared. Hackers often exploit vulnerabilities in these industries due to the valuable data they handle, such as payment information, client details, and supplier contracts. Therefore, investing time in employee training and implementing cybersecurity best practices can significantly reduce the risk of future breaches. The recent data leak at Total Tools serves as a critical reminder that even trusted suppliers can fall victim to cyberattacks, putting customers and affiliated businesses at risk. As more companies move toward digital solutions, the importance of cybersecurity can’t be overstated. COSBOA’s efforts, through the Cyber Wardens program, aim to create a more secure environment for Australia’s 2.5 million small businesses, ensuring they are well-equipped to tackle the ever-evolving cyber threats. 

In addition to joining cybersecurity programs, businesses should regularly update software, employ strong, unique passwords, and back up essential data to reduce the impact of potential breaches. By taking these proactive steps, small trade businesses can enhance their digital security, ensuring they remain resilient against future cyber threats.

Cyber Security: A Rising Threat to Australia’s Renewable Energy Campaign

 

Australia is striving to become a more energy-efficient nation. The Australian Renewable Energy Agency recently announced a $100 million effort to research and develop solar energy technologies. Further investments in energy storage, pumped hydro, and low-carbon systems may be equally substantial. 

However, the nation must also address an underlying issue: the integration of solid IT and software foundations into the OT systems that power the grids. Without these, Australia may struggle to fully meet its renewable energy goals.

Combination of IT and OT

OT refers to software and hardware that identifies or creates changes in the enterprise by directly monitoring and controlling physical devices, processes, and events. IT refers to the use of systems, particularly computers and telecommunications, to store, retrieve, and transmit information. 

Traditionally, these two types of technology have been kept segregated and controlled separately. However, the combination of OT and IT is critical for the modernisation of energy networks. According to IBM, the integration must be effective in four areas: 

Smart meters: These detect energy usage in real time at the consumer's end, delivering comprehensive consumption patterns to both the consumer and the energy provider.

Sensors and automation devices: These are used across the grid to monitor voltage, current, and load capacity, among other metrics. They can automatically alter parameters to avoid overloads and long-term, large-scale outages.

Communication networks: As the backbone of any smart grid, communication networks enable data transmission between diverse components such as sensors, automated devices, and control centres. Transmission systems can be wired or wireless, and can use a variety of protocols and communication technologies, including Wi-Fi, Z-Wave, Zigbee, and 4G/5G. 

Software and analytics: Smart grids generate vast volumes of data. Utility companies use complex software and analytics technologies to handle, analyse, and interpret this data. This software, and the data it gives, can assist providers in predicting demand patterns, identifying potential concerns, and optimising the distribution network. 

Cyber threats 

Australia is at serious risk of facing cyber threats via OT technology, which will have an impact on the country's renewable energy aspirations. With 82% of organisations suffering cyber attacks via OT systems, Australia's electricity grid is taking on increasing risk as it digitalises.

The country is also becoming more reliant on a highly decentralised energy approach, which increases the attack surface significantly. Rooftop solar, for example, consists of solar panels installed on individual homes and businesses that are then connected to the grid via IoT devices, software, and digital technologies. This has contributed to 40% of Australia's energy being supplied by renewable sources. 

Need to increase investment 

For Australia to sustainably harness renewable energy, it must lay solid IT foundations. The Australian Energy Sector Cyber Security Framework is a positive regulatory step that builds on successful frameworks like the U.S. Department of Energy's Electricity Subsector Cybersecurity Capability Maturity Model and aligns it with Australian-specific control references like the ACSC Essential 8.

However, the IT channel, which includes IT professionals and service providers, as well as IT experts, must bring the skills and expertise required to manage and protect integrated energy systems. This includes understanding the particular challenges of OT environments as well as how to effectively implement IT solutions. This strategy can help Australia achieve a renewable energy transition that is both successful and secure against an increasing number of cyber threats.

Massive Cyber Attack Hits MediSecure, Impacting Millions of Australians

 



In a shocking revelation, MediSecure, an e-prescription provider, has confirmed that approximately 12.9 million Australians have been affected by a cyberattack that occurred in April. This incident has surpassed previous notable breaches, including the Optus and Medibank data breaches in 2022, in terms of the number of individuals impacted.

The administrators of MediSecure, FTI Consulting, disclosed that the compromised data includes individuals' healthcare identifiers. However, due to the complexity and sheer volume of the data involved, identifying the specific individuals whose data was stolen is financially unfeasible for the company. This inability to pinpoint affected individuals prevents MediSecure from notifying them about the breach.

Data Complexity and Financial Constraints

The compromised server contained 6.5 terabytes of data, equivalent to billions of pages of text. This data was stored in a mix of semi-structured and unstructured formats, making it extremely difficult to analyse without incurring substantial costs. The encrypted nature of the server further complicates efforts to determine the exact information accessed by the malicious actors. MediSecure's financial limitations have left the company unable to afford the extensive resources needed to sift through the massive amount of data.

Notification Delays and Administrative Actions

Despite the hack occurring in April, MediSecure did not make the incident public until May. The delayed notification has raised concerns about the company's crisis management and communication strategies. Subsequently, the company entered administration in June, and its subsidiary, Operations MDS, went into liquidation. This subsidiary was identified as the main trading entity of the corporate group, highlighting the severe impact of the cyberattack on the company's operational capabilities.

Impact on Healthcare Services

MediSecure had provided a crucial service that allowed healthcare professionals, such as general practitioners, to send electronic prescriptions to patients. However, this service has not been used for new electronic prescriptions since November 15, following a decision by the federal Health Department to designate eRx as the sole e-script provider. This shift has left many healthcare providers scrambling to adapt to the new system, further complicating the ecosystem for electronic healthcare services in Australia.

The MediSecure cyberattack highlights the growing threat of data breaches and the challenges companies face in managing and mitigating such incidents. With 12.9 million Australians potentially affected and the company unable to notify them, the breach underscores the need for robust cybersecurity measures and the financial resilience to respond effectively to such crises. This incident serves as a stark reminder of the vulnerabilities that exist in the digital age and the critical importance of safeguarding sensitive information.


Australian Man Arrested for Evil Twin Wi-Fi Attacks on Domestic Flights

 

Police in Australia have arrested and charged a man with nine cybercrime offences for allegedly setting up fictitious public Wi-Fi networks using a portable wireless access point to steal data from unsuspecting users.

The man designed "evil twin" Wi-Fi networks at airports, during flights, and at other places related to his "previous employment" that would deceive people into signing in to the fake network using their email address or social media accounts. Police stated the login data was then transferred to the man's devices.

Dozens of credentials were reportedly obtained. This information might have enabled the perpetrator to get access to victims' accounts and possibly steal further sensitive information such as banking login details or other personal information. Employees of the airline noticed one of the strange in-flight Wi-Fi networks. The anonymous Australian airline then reported the Wi-Fi's presence to authorities, who investigated the situation in April and arrested the suspect in May. 

According to the Australian Broadcasting Corporation, the man, Michael Clapsis, appeared before Perth Magistrates Court and was subsequently released on "strict" bail with limited internet access. He also had to submit his passport. Clapsis' LinkedIn profile, which has since been deleted, hints that he may have previously worked for a shipping company. 

He has been charged with three counts of unauthorised impairment of electronic communication, three counts of possession or control of data with the intent to commit a serious offence, one count of unauthorised access or modification of restricted data, one count of dishonestly obtaining or dealing in personal financial information, and one count of possessing identification information with the intent to commit an offence. Clapsis is set to appear in court again in August. 

Evil twin attacks can use a variety of tactics to steal victims' data. However, they typically entail providing free Wi-Fi networks that appear genuine but actually contain "login pages" designed to steal your data. Genuine Wi-Fi networks should never ask you to log in using your social media credentials or provide a password for any of your accounts. It is also recommended to use a VPN and avoid connecting to public Wi-Fi networks when a more secure option is available.