Wrapup 1: Australia's Latitude Group, IPH hit by cyber attacks amid wave of hacks

Harvey Norman Holdings

16/03/2023 08:02

By Mehr Bedi
       March 16 (Reuters) - Digital payments firm Latitude
Group Holdings  LFS.AX  and intellectual property services
provider IPH Ltd  IPH.AX  reported data breaches on Thursday,
joining a host of other Australian firms targeted by hackers in
recent months.
    Some of Australia's largest companies have reported data
breaches since September last year, including Optus, owned by
Singapore Telecommunications Ltd  STEL.SI , and health insurer
Medibank Private Ltd  MPL.AX .
    Latitude said personal information, including copies of
drivers' licences and customer records, of around 328,000
customers held by two service providers were stolen.
    IPH detected unauthorised access to document management
systems, which handle administrative documents, and some client
documents and correspondence, at its head office and two member
firms.
    After the massive cyber attack on Medibank in November,
Australian authorities tabled a new cyber-policing model in a
re-energized push to nab cyber crime syndicates that had
recently affected millions of Australians.
    The effort included a partnership between the federal police
and a government agency that intercepts electronic communication
from foreign countries to police such criminal activity.
    Technology experts say hackers have targeted Australia just
as a skills shortage has left companies understaffed and an
already overworked cyber security workforce ill-equipped to stop
attacks.
    Although the material impact of these attacks on the
companies is often short-lived and mitigated partly by
insurance, they pose potential long-term risks to companies'
reputation.
    "We simply leave things to insurance companies, and
awareness campaigns for many smaller sectors," said Alana
Maurushat, professor of cybersecurity at Western Sydney
University.
    "Our Boards of Directors have little cybersecurity training
around risk. We don't have any cybersecurity training
requirements for decision makers."
    Data compiled by the government agency Australian Cyber
Security Centre (ACSC) showed 76,000 cyber incidents were
reported in the 2022 financial year, a 13% increase from the
year before.
    ACSC was unavailable to comment on the Latitude and IPH
incidents.

 (Reporting by Upasana Singh and Rishav Chatterjee, Mehr Bedi
and Himanshi Akhand  in Bengaluru; Editing by Devika Syamnath,
Maju Samuel and Rashmi Aich)
 ((Upasana.Singh@thomsonreuters.com;))