About 540 homes are broken into every day in Australia, yet you’ll never hear about them on the news. It just doesn’t warrant the media’s attention, and people honestly aren’t interested in it. This breach is the digital equivalent of that. It happens all the time and nobody gives a toss. You’ve probably never heard of Calida Projects; I know I hadn’t. They are a small business in Sydney that provides commercial construction services. Somehow they got on Akira’s radar and were breached.
This one started last year, but is still in the final stages of being dealt with. On the 5th of December 2023, the ransomware group Akira hacked one or more internal systems at Nissan Oceania and copied out 100+GB of data. This took some of their systems offline for up to a month and exposed 100,000 individuals’ personal data.
Black Basta has hacked 12 Australian companies that (presumably) share the same Hosted Virtual Desktop (HVD) provider.
LOCKBIT 3.0 has made a statement on their site that they have breached GaP Solutions and will release the data on the 20th March.
Tangerine Telecom has been breached, with over 200,000 customer accounts being leaked. It took a couple of days before they were informed of the breach, most likely by the contractor whose account was compromised (mentioned in the media release).
The Central Coast Council payment system was hit by someone doing a BIN attack, with around 20 cards being successfully processed by the attacker.
AHRI sent emails to its customers this morning, 9 February, warning of a “security incident”. The incident appears to have happened this month, when an unidentified threat actor gained access to AHRI’s website via the site provider.
The attackers compromised production systems; however, there’s no evidence that they accessed customer credentials or distributed malicious AnyDesk software versions. The company has found no malicious code in their software and is revoking compromised certificates, releasing updates with new ones.
There isn’t a lot of information on this one, unfortunately. Elite Supplements announced on 30 Jan 2024 that their systems were breached, but that key customer data wasn’t lost as part of the breach.
Fake cybersecurity breach impacted Europcar on 28 Jan 2024
According to a company blog post, the attackers first accessed Cloudflare’s systems for reconnaissance from 14 to 17 November and accessed a number of systems, including the company’s “internal wiki (which uses Atlassian Confluence) and our bug database (Atlassian Jira)”. The attackers reportedly returned days later on 20 and 21 November, likely to verify that they still had a connection. Cloudflare said that it failed to rotate those connections but that as of 24 November, all connections that the threat actor had made were terminated.