Australia Inc roiled by raft of cyberattacks this year

Australian firms have suffered a flood of cyberattacks, endangering sensitive information of millions of people


REUTERS December 14, 2022

Australian firms have suffered a flood of cyberattacks, putting the spotlight on country's understaffed cybersecurity industry which experts say seems ill-equipped to tackle such hacks, thus endangering sensitive information of millions of people.

Here is a list of companies that have been hit by data breaches so far this year:

Optus

Australia's second-largest mobile operator and a unit of Singapore Telecommunications was the first to report a data breach that affected up to 10 million customers, about 40% of the nation's population. The data exposed included home addresses, drivers' licences and passport numbers.

Medibank

Health insurer Medibank Private, which covers about one-sixth of Australians, said personal and significant amounts of health claims data of around 9.7 million of its current and former customers was compromised, forcing it to flag a hit to earnings and withdraw forecast for a key metric.

Woolworths

Australia's biggest grocer Woolworths Group Ltd said its majority-owned online retailer MyDeal identified that a "compromised user credential" was used to access its systems, exposing email addresses, phone numbers and delivery addresses of about 2.2 million customers.

Australian clinical labs

Australian Clinical Labs Ltd, one of the country's largest pathology providers, said unit Medlab suffered a breach that exposed data of about 223,000 patients.

Telstra

Australia's largest telecoms operator Telstra in early October suffered what it called a small data breach, which exposed data of about 30,000 current and former employees dating back to 2017.

On Dec. 11, Telstra said 132,000 customers were affected by an internal error which led to the disclosure of certain customer details.

Dailog

IT services consulting firm Dailog, another unit of Singapore Telecommunications, said it faced a cyber attack that potentially affected 1,000 current and former employees and fewer than 20 clients.

Forcenet

Australia's Assistant Minister For Defence Matt Thistlethwaite said hackers targeted a communications platform used by the country's military personnel and defence staff with a ransomware attack but that no data was compromised.

BWX

Skin and hair care products maker BWX Limited said a malicious code was "unlawfully" entered onto one of its websites that may have compromised credit card numbers and expiry dates of about 2,500 customers.

TPG Telecom

Australia's No.2 internet service provider TPG Telecom said it had been notified of unauthorised access to a hosted exchange service that hosts email accounts of up to 15,000 business customers.

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ