Picture of IPH logo

IPH IPH News Story

0.000.00%
au flag iconLast trade - 00:00
IndustrialsBalancedMid CapSuper Stock

Factbox: Australia Inc roiled by raft of cyber attacks since late 2022

(Updates with Latitude Group saying it will not pay ransom)
       April 11 (Reuters) - Australian firms have suffered a
flood of cyber attacks since September last year, putting the
spotlight on the country's understaffed cybersecurity industry
that experts say seems ill-equipped to tackle such hacks,
endangering sensitive information of millions of people.
 urn:newsml:reuters.com:*:nL1N32000S
    Here is a list of companies that have been hit by data
breaches:
    
    OPTUS
    Australia's second-largest mobile operator and a unit of
Singapore Telecommunications  STEL.SI  was the first to report a
data breach in September that affected up to 10 million
customers, about 40% of the nation's population. The exposed
data included home addresses, drivers' licences and passport
numbers.
    
    WOOLWORTHS
    Australia's biggest grocer Woolworths Group Ltd  WOW.AX 
said in October its majority-owned online retailer MyDeal
identified that a "compromised user credential" was used to
access its systems, exposing email addresses, phone numbers and
delivery addresses of about 2.2 million customers.
    
    FORCENET
    Australia's Assistant Minister For Defence Matt
Thistlethwaite said on October 31 that hackers targeted a
communications platform used by the country's military personnel
and defence staff with a ransomware attack but that no data was
compromised.
    
    DAILOG
    IT services consulting firm Dailog, another unit of
Singapore Telecommunications  STEL.SI , faced a cyber attack
that potentially affected 1,000 current and former employees and
fewer than 20 client, the company said on October 10.
    
    AUSTRALIAN CLINICAL LABS 
    Medlab, a unit of Australian Clinical Labs Ltd  ACL.AX , one
of the country's largest pathology providers, suffered a breach
in the same month that exposed data of about 223,000 patients. 
        
    MEDIBANK
    Health insurer Medibank Private  MPL.AX , which covers about
one-sixth of Australians, said in November that personal and
significant amounts of health claims data of around 9.7 million
of its current and former customers was compromised, forcing it
to flag a hit to earnings and withdraw forecast for a key
metric.
   
    TELSTRA
    Australia's largest telecoms operator Telstra  TLS.AX  in
early October suffered what it called a small data breach, which
exposed data of about 30,000 current and former employees dating
back to 2017.
    On Dec. 11, Telstra said 132,000 customers were affected by
an internal error which led to the disclosure of certain
customer details.
    
    BWX
    Skin and hair care products maker BWX Limited said in
November a malicious code was "unlawfully" entered onto one of
its websites that may have compromised credit card numbers and
expiry dates of about 2,500 customers.
    
    TPG TELECOM
    Australia's No.2 internet service provider TPG Telecom
 TPG.AX  said in December it had been notified of unauthorised
access to a hosted exchange service that hosts email accounts of
up to 15,000 business customers.
       
  
        CBA
  
        Commonwealth Bank of Australia  CBA.AX  
    said
     on March 8 its Indonesian unit, PT Bank Commonwealth
(PTBC), had been hit by a cyber incident involving unauthorised
access of a web-based software application used for project
management. 
  
        
  
        IPH
  
        Days later, Australian intellectual property services
provider IPH Ltd  IPH.AX  
    said
     it had detected unauthorised access to a portion of its IT
environment, compromising information including administrative
documents and some client documents. 
  
        
  
        LATITUDE
  
        Australian digital payments and lending firm Latitude
Group Holdings Ltd  LFS.AX  
    said
     on March 16 a hacker had stolen personal information held
by two service providers, compromising about 103,000
identification documents and 225,000 customer records. 
  
        On April 11, the firm said it 
    will not pay
     a ransom to the hackers as it saw no assurance that the
payment would result in the return or destruction of the stolen
data, and it did not want to reward criminal behaviour. 
  
         
  

 (Compiled by Jaskiran Singh, Rishav Chatterjee, Roushni Nair
and Harshita Swaminathan in Bengaluru; Editing by Sherry
Jacob-Phillips, Rashmi Aich and Sohini Goswami)
 ((Jaskiran.Singh@thomsonreuters.com))

Recent news on IPH

See all news