The List of Data Breaches Grows - What should you do?
GroupSupport continues to monitor the previously reported data breaches as well as the growing number of reported breach incidents.
Medlabs (The ACL group) Data Breach
ACL said it first knew of unauthorised access to the IT system of its pathology unit, Medlab, in February and received advice that no information was compromised. The government cybersecurity agency notified it in June that its data had been posted on the dark web.
It has been found that 223,000 patients’ data had been exposed, including medical and health records for about 18,000 people.
https://www.crn.com.au/news/australian-pathology-data-stolen-as-hacking-epidemic-widens-587045
Energy Australia Data Breach
Report a hack of their customer information, with 323 customer accounts compromised.
According to a statement from the power company, it had implemented 12-character passwords on its My Account online customer platform following a “cyber incident”. EnergyAustralia customers will need to reset their My Account password and include special characters. Previously, the accounts required eight characters and no special characters.
EnergyAustralia said in a statement released on Friday that the hack resulted in the exposure of information provided by 323 residential and small business customers, including customer names, addresses, email addresses, electricity and gas bills, phone numbers, and the first six and last three digits of credit cards.
https://www.canstarblue.com.au/electricity/energyaustralia-data-breach/
Vinomofo Data Breach
Vinomofo has reported that a data breach has occurred where 500,000 customers details have been stolen and are now for sale on the dark web.
Details stolen include:
- Customer Names
- Birth Dates
- Addresses
- Email Addresses
- Phone Numbers
For more information https://ia.acs.org.au/article/2022/vinomofo-customer-details-for-sale-following-breach.html
Australian Employment Website Breach
An undisclosed job seeker website/service has been reported as having over 200,000 users documents breached and made publicly accessible.
The alleged breach includes critical data such as drivers licence and user photographs, medicare details and other personal data.
For more information https://www.crn.com.au/news/sydney-mssp-dvuln-uncovers-vulnerability-exposing-data-of-200000-aussie-job-seekers-586131
