(Updates to add IPH, Latitude Group, and CBA)
March 16 (Reuters) - Australian firms have suffered a
flood of cyberattacks, putting the spotlight on country's
understaffed cybersecurity industry which experts say seems
ill-equipped to tackle such hacks, thus endangering sensitive
information of millions of people. urn:newsml:reuters.com:*:nL1N32000S
Here is a list of companies that have been hit by data
breaches since September last year:
OPTUS
Australia's second-largest mobile operator and a unit of
Singapore Telecommunications STEL.SI was the first to report a
data breach that affected up to 10 million customers, about 40%
of the nation's population. The data exposed included home
addresses, drivers' licences and passport numbers.
MEDIBANK
Health insurer Medibank Private MPL.AX , which covers about
one-sixth of Australians, said personal and significant amounts
of health claims data of around 9.7 million of its current and
former customers was compromised, forcing it to flag a hit to
earnings and withdraw forecast for a key metric.
WOOLWORTHS
Australia's biggest grocer Woolworths Group Ltd WOW.AX
said its majority-owned online retailer MyDeal identified that a
"compromised user credential" was used to access its systems,
exposing email addresses, phone numbers and delivery addresses
of about 2.2 million customers.
AUSTRALIAN CLINICAL LABS
Australian Clinical Labs Ltd ACL.AX , one of the country's
largest pathology providers, said unit Medlab suffered a breach
that exposed data of about 223,000 patients.
TELSTRA
Australia's largest telecoms operator Telstra TLS.AX in
early October suffered what it called a small data breach, which
exposed data of about 30,000 current and former employees dating
back to 2017.
On Dec. 11, Telstra said 132,000 customers were affected by
an internal error which led to the disclosure of certain
customer details.
DAILOG
IT services consulting firm Dailog, another unit of
Singapore Telecommunications STEL.SI , said it faced a cyber
attack that potentially affected 1,000 current and former
employees and fewer than 20 clients.
FORCENET
Australia's Assistant Minister For Defence Matt
Thistlethwaite said hackers targeted a communications platform
used by the country's military personnel and defence staff with
a ransomware attack but that no data was compromised.
BWX
Skin and hair care products maker BWX Limited said a
malicious code was "unlawfully" entered onto one of its websites
that may have compromised credit card numbers and expiry dates
of about 2,500 customers.
TPG TELECOM
Australia's No.2 internet service provider TPG Telecom
TPG.AX said it had been notified of unauthorised access to a
hosted exchange service that hosts email accounts of up to
15,000 business customers.
CBA
Commonwealth Bank of Australia CBA.AX
said
its Indonesian unit, PT Bank Commonwealth (PTBC), had been
hit by a cyber incident involving unauthorised access of a
web-based software application used for project management.
IPH
Australian intellectual property services provider IPH
Ltd IPH.AX
said
it had detected unauthorised access to a portion of its IT
environment, compromising information including administrative
documents and some client documents.
LATITUDE
Australian digital payments and lending firm Latitude
Group Holdings Ltd LFS.AX
said
a hacker had stolen personal information held by two
service providers, compromising about 103,000 identification
documents and 225,000 customer records.
(Compiled by Jaskiran Singh, Rishav Chatterjee and Roushni Nair
in Bengaluru; Editing by Sherry Jacob-Phillips and Rashmi Aich)
((Jaskiran.Singh@thomsonreuters.com))