Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Optus. Show all posts

Australia's OAIC Confirms Substantial Increase in Data Breaches

According to the Office of the Australian Information Commissioner's (OAIC) most recent report on notifiable data breaches, there was a 26% rise in breaches in the second half of 2022, including many significant breaches that affected millions of Australians.

The OAIC reports that cyber security incidents led to 33 out of the 40 breaches affecting more than 5,000 Australians. In the first half of 2022, there were just 24 significant breaches.

Massive data breaches at Optus and Medibank in the second half of 2022 exposed the personal data of about 9.8 million and 9.7 million people, respectively.

Large-scale breaches naturally garnered a lot of attention, although only 62% of reported breaches had an impact on more than 100 persons.

In total, malicious or criminal attacks accounted for 70% of data breaches. Human error, which most frequently manifests itself in the form of sending emails to the wrong recipient, closely followed by unintended release or publication, and failing to use BCC when sending emails came in third place, accounting for another 25% of data breaches.

In the December quarter of 2022, Australia's gross domestic product increased by just 0.5%, a dramatic fall from the December quarter of 2021 when lockdowns in Sydney and Melbourne were lifted. Despite migrant arrivals increasing by 171% to 395,000 from 146,000 in 2021–22, the GDP per capita—or the economic output for each individual—remained unchanged.

The Commonwealth government responded, in part, by toughening the penalties under the Privacy Act and giving the Australian Information Commissioner more authority to enforce it. It also started a review of the Act. One of the suggestions is to eliminate the Privacy Act's small business exemption, which presently excludes the majority of companies with annual sales of up to A$3 million, but only after an impact review and other criteria have been completed.









Latest Cyberattack on LJ Hooker by a Ransomware Gang

 


It is reported that a ransomware gang has been able to steal the personal data of at least 375 gigabytes from a franchise of the Australian real estate giant, LJ Hooker, as a result of its ransomware attacks. The data collected include passport scans, credit card information, and loan information. 

As part of a blog post used to preview some of the data stolen in the cyber-attack against LJ Hooker, which was posted on the dark web on November 30, the blog mentioned LJ Hooker's name as a victim of the Russia-linked ransomware gang ALPHV, also known as "BlackCat." 

As VICE has already reported, the company began publishing personal information about employees' passports. Many social media login credentials, profit-loss statements, and a contract for the sale of a property have also been posted by the group. 

The group claimed to have even more “internal company data,” including employees' personal information, such as IDs, and client data, including “financial information” and “credit card information.” 

Using independent verification, VICE corroborates part of the preview, which pertains to an office of LJ Hooker, located in New South Wales. 

As confirmed by a spokesperson for LJ Hooker in a statement to VICE, at least one of their offices had become the victim of a data breach. LJ Hooker is still working to determine the scope of the breach while the company is currently taking steps to protect the data of its customers from another breach. The company has "informed the relevant government cyber and data bodies." The company is still investigating the scope of the infringement. 

As far as the Australian authorities are concerned, ALPHV was first identified by the security community in late 2021 as a "ransomware-as-a-service" program associated with "Russian-speaking cybercriminals". There is a growing concern that the group, in 2022, will pose an "increased threat" to Australia's "government" and "critical infrastructure." 

There is widespread understanding that this collective was one of those responsible for last year's breach of the Colonial Pipeline. This is the world's largest fuel pipeline in the United States. Oil refineries provide about 45 percent of the gasoline consumed in the eastern part of the country. 

There were approximately 10,000 gas stations left without gas in the country as a result of the action of hackers. This led to a panic buying spree among people. Hence, Colonial bowed to the orders of the group and paid a ransom of approximately $US5 million, which was equal to a total of 75 Bitcoins at the time. This was a result of this ransom demand. 

A large-scale data breach has been carried out against an Australian company, LJ Hooker, for the third time in the last three months resulting in substantial data leakage. 

Initially, Optus was hit back on September 22, when it was reported that the telecommunications giant had been attacked by hackers who had compromised the data of up to 9.8 million Australians due to the cyberattack. Later, the hack would become one of the largest ever recorded in the history of Australian hackers. 

After a similar attack was reported on October 13 on Medibank, it was reported shortly after that approximately 3.9 million Australians were subjected to a similar attack. This resulted in compromised personal information regarding them. 

During November, the dark web was flooded with patient records of more than 1,500 individuals. Last week, the hackers posted a new 5GB dump of data announcing that the case had been closed.

Data Breach: Victoria Launches Investigation, Attack Impacts Families Across Australia


Government launches investigation for data breach

The Victorian government has launched an investigation into a possible data breach that could have impacted thousands of families across the state. 

Investigators are working to find out if a cyberattack on a tech company used by the Victorian government has hit people. 

PNORS Technology Group, which works with various state departments like the Department of Education and Training, was attacked by threat actors recently. 

Who is impacted?

The attack might have leaked medical records and answers for The School Entrant Health Questionnaire (SEHQ), which is filled out by every family in the state. Premier Daniel Andrews said it is not clear whether any personal information has been leaked. 

"It's not determined yet, it's not definitive, but there's the potential for a breach," he said to the media on Saturday. 

"They're working through that around the clock, and they're doing that job well. As soon as we have confirmation of anyone's records being compromised, then we will make a statement, and we'll work with any of those people."

The Department of Premier and Cabinet in a joint effort with PNORS Technology Group is meaning the extent of the information breach and to prevent similar attacks in the future.

What next?

The Victorian government's Cyber Incident Response Service has been informed and is taking needed action. Protecting Victorian systems and data is its top priority, it says. 

The cyberattack comes after a recent high-profile compromise of Optus and Medibank, where threat actors stole data from millions of Australians. 

What is the veteran card pledge?

Also last Sunday, the state government announced a $37 million election pledge for the Victorian Veteran Card as a help for veterans during the cost of living crisis. 

Over 90,000 veterans across Australia are entitled to a $100 discount on the registration of one vehicle, plus free public transport on Remembrance Day and Anzac Day. Veteran Minister Shaun Leane said the state government would raise assistance for veterans if it wins the November 26 election. 

He said: "Veterans' contributions don't end when they leave the defense force. Only Labor will support them to retrain and reskill because they still have so much to give to our community."

The statement comes following Mr. Andrews' address to the questions regarding his role in awarding two grants worth $3.4 Million to the Health Services Union in 2018. 

The statement read: 

"Regardless of any smear, innuendo, or media reporting based on anonymous sources, the only IBAC matters I will comment on are those that are the subject of a final report, as is appropriate and has always been my practice. Questions about what IBAC is or is not doing are a matter for the independent agency. I act appropriately at all times and in all things. That is the oath I swore, and I take it very seriously."

 Australia Imposes Corporate Fines on Cybercriminals 

 

Following two significant cybersecurity breaches that exposed millions of people to illegal activity, Australia on Saturday recommended stiffer sanctions for businesses that don't protect customer data. 

The maximum punishment for recurrent offenses will be raised from the current $1.4 million to $32 million under amendments that will be presented to the Australian Parliament, according to a report from Reuters. In addition, if a company's revenue for a given period surpassed AU$50 million ($32 million), it might be fined the equivalent of 30% of that turnover.

Big firms might be liable for penalties of up to hundreds of millions of dollars, as per Attorney General Mark Dreyfus. It's designed to elicit thought in businesses. It's intended to act as a deterrent to urge businesses to safeguard Australians' data.

Tuesday marks the first day of parliament since the mid-September recess. Unknown hackers have stolen the personal information of 9.8 million users of Optus, Australia's second-largest wireless telecommunications provider since Parliament last met. Data theft has increased the danger of identity theft and fraud for more than one-third of Australia's population.

Unknown cybercriminals claimed to have stolen 200 terabytes of customer data, including medical diagnosis and treatments and demanded ransom from Medibank, Australia's largest health insurer, this week. There are 3.7 million clients of Medibank. According to the business, the hackers have established that they possess at least 100 people's personal information.

The government worries that businesses are holding on to excessive amounts of customer data for far too long in the hopes of making money out of it in addition to failing to safeguard personal information.

In the final 4 weeks that Parliament shall meet this year, Dreyfus expects that the suggested revisions will pass into law. Any new fines won't apply retroactively and won't have an impact on Optus or Medibank.





Another Singlet Subsidiary Faces Cyber Attack, Weeks after Optus Data Breach

 

Weeks after the data breach at the Australian telcom giant, Optus, Singapore Telecommunication Ltd, Singlet recently confirmed that its unit, Dialog has faced a cyber-attack. The attack has reportedly affected 1,000 of the company’s current and former employees and about 20 clients. 
 
A similar case of a data breach at Optus, the Australian subsidiary of Singlet took place late this September. The data breach reportedly compromised the personal data of up to 10 million customers, including present and former employees. 
 
Days after the breach, the threat actors withdrew a ransom demand of $1 million from the telecom company, describing there were “too many eyes” on the hacked data. The hackers nonetheless went ahead and leaked customer records of more than 10,000 customers, in order to prove that they actually have access to the data. 
 
“On Saturday 10 September 2022, we detected unauthorized access on our servers, which were then shut down as a preventive measure. Within two business days, our servers were restored and fully operational. We contracted a leading cyber security specialist to work within our IT Team to undertake a deep forensic investigation and continuous monitoring of the Dark Web. Our ongoing investigation showed no evidence of unauthorized downloading of the data[…]On Friday 7 October 2022 we became aware that a very small sample of Dialog’s data, including some employees’ personal information, was published on the Dark Web.” states Dialog regarding the data breach. 
 
Dialog mentioned how its systems were completely independent of Optus and IT unit NCS while assuring that there was in fact no evidence of any link between the data breaches at Dialog and Optus.  
 
"With this being the third large breach impacting the company in the last few years, it sounds like it is time to review the company's cybersecurity program because something is clearly not working," states O'Toole. 
 
"Everyone knows employees are the number one target for criminals looking to steal and compromise an organization's data, so addressing this risk must be the priority," she added. 
 
As per the CEO, one of the prominent solutions to tackle the risk is by deploying encrypted network access and segmentation tools, which encrypt employee credentials and other information so they cannot be hacked or stolen. "This closes doors on attackers, and it will significantly improve Singtel's security defenses against data breaches in the future," she added.

Telecom Giant Optus Suffers Data Breach, Leaking Info of Million Customers


Millions of customers suffer a data leak

Optus, an Australian telecom giant earlier this week confirmed that around 2.1 million of its present and past customers suffered data leaks that included their personal details,  at least one type of identification number, as a consequence of a data breach that happened late in September. 

Others believe that the Optus data breach incident has exposed the personal information of around 10 million people. Cybercrime in Australia has always been a pressing issue, it costs the country a minimum of $10 Million per year, and the figures can only go up. 

Due to exposing to hyper-personal information like DoB, driving license, passport, residential address, etc. Threat actors will misuse your information for applying for credit on your behalf without you knowing about it. 

What do criminals do with stolen data?

If cybercriminals find some agency willing to give credit, they'll immediately spend it, resulting in load default, it will put a black mark against your name, and you won't even know about it until you need the credit for yourself the next time. 

Optus said that it has contacted Deloitte for assistance, and will do an external forensic inquiry of the breach to know how the incident happened and how Optus can take preventive measures to stop it from happening again. 

Singtel, a telecommunication conglomerate in Singapore is the parent company of Optus, it also shares a few stakes in Bharti Airtel, the second largest telecommunication carrier in India. Singtel on its website said:

"Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised."

What kind of information was leaked?

Singtel also said that the leak has impacted expired IDs and personal info of around 900,000 additional customers, stressing that leaked data doesn't include valid or current document ID numbers for around 7.7 million customers. Customers are advised to stay vigilant about possible smishing and phishing attacks. 

In the Optus incident involving the customers that are most affected, state law enforcement agencies and Australian police are working together on "Operation Guardian" to help with securing the identity of the impacted customers. 

The next step for Optus

Optus has informed the affected customers that their personal information has been compromised in the breach, also including Medicare IDs. Optus on 28 September disclosed- out of 9.8 million customer records leaked, the leak involved around 14,900 working Medicare IDs and 22,000 expired Medicare card numbers.

The data leak incident surfaced on September 22, involving a threat actor getting unauthorized access to customer details. The criminals used the alias "optusdata," and they leaked a small sample of the stolen data of 10,200 users, demanding Optus to pay a ransom of $1 million to stop more leaks. 

It raises a question for you: why can't I control my own identity? The answer, is you can, by limiting how and where you share your information. 

However, the Optus data leak has made us all doubt if we can trust any organization?  












Telstra Reacts to Optus Hack with Online Safety Tips for Customers

Since Optus was attacked, the telco constantly reached out to its customers to know if they had been a victim of the data breach, but there are still some customers claiming that they did not receive any official notice from Optus. 

Optus will be covering the number of replacement passports for customers who had their personal credentials leaked during the attack. The Prime Minister of Australia Anthony Albanese stated, “Optus has responded to my request that I made both in the parliament and that Senator Wong made in writing to Optus, they will cover the cost of replacing affected customers' passports." 

Telstra has also sent an informative email to its customers today in response to a large number of questions from their own customers regarding online safety tips. 

Titled "helping to keep you safe", the email from Telstra refers directly to the Optus attack, saying, "Over the past week many of our customers have reached out to us following the Optus cyber-attack with questions about how to stay safe online and to know if their data has been impacted." 

Following the incident, the telco confirmed to their customers that their data is not affected, however, they have "heightened our monitoring and, as cyber-attacks become more regular and scammers become more sophisticated, we all need to remain on alert." 

The following tips have been suggested by the Telco for its customers: 

• Switch on two-step verification with Telstra if you haven't already 
• Remain suspicious of unexpected communications 
• Switch on two-step verification on your bank account and monitor transactions 
• Keep your devices updated 
• Use strong passwords to your accounts 
• Pay attention to what you share on social platforms 

Since Optus was hacked it has taken a week to contact its 9.8 million customers via email, when the press asked Telstra how long it would take them to reach out to their all customers, Telstra's spokesperson said, "We anticipate our customers will receive this communication by close of business today.”