Australian businesses face unprecedented cyber security challenges. In just the first three months of 2024, a staggering 1.8 million user accounts were compromised. That’s a 388% increase compared to late 2023.
With data breaches on the rise, strong cybersecurity measures have never been more critical. In an effort to mitigate these effects, the Australian Government has begun revisiting its cybersecurity frameworks and policies with the National Cyber Security Strategy 2023-2030, which aims to strengthen protections for businesses and individuals alike. However, staying ahead of cybercriminals requires more than just government action; it demands that individual businesses proactively strengthen their own cybersecurity measures.
In this article, we’ll cover the 5 biggest data breaches in Australia, what went wrong, and, most importantly, what businesses can learn to better protect themselves.
Data is one of the most valuable assets a business can have, and cybercriminals know it. Put simply, a data breach is when unauthorised individuals gain access to sensitive information, such as personal customer data or confidential corporate records by exploiting various vulnerabilities and weaknesses. Whether through system vulnerabilities, phishing attacks, or sophisticated cyber intrusions, these breaches can cause widespread damage to both the businesses and individuals affected.
And the threat is only growing.
Research from Surfshark reveals a sharp rise in cybersecurity attacks across Australia, with over 60% of businesses experiencing at least one cybersecurity incident. But Australia isn’t alone; companies worldwide are grappling with the rise in data breaches, with cybercriminals becoming more advanced and persistent.
With our increasing reliance on digital solutions and platforms, cybersecurity and data breaches spark bigger conversations about trust, privacy, and security. The consequences can be severe and far-reaching. A data breach can lead to significant financial losses, legal consequences, and a tarnished reputation that can take years to rebuild. Worse still, it puts customers directly in harm’s way, exposing their personal information to identity theft, fraud, and other malicious activities.
Australia ranks 15th worldwide for data breaches per capita with a cybercrime reported every 6-7 minutes. But what’s driving this surge in cyber threats? Several key factors are at play:
Technology has transformed the way businesses operate. Today, companies of all sizes rely on various digital tools to streamline operations, cut costs, and enhance customer experiences. While this digital shift brings many advantages, it also creates a pool of potential targets. With business operations now more interconnected than ever, a single weak point can lead to widespread exposure and vulnerability.
Data is currency and Australia’s digital wealth makes it a prime target. Cybercriminals are especially interested in financial records, healthcare data, and government databases, which can be sold on the dark web or used for fraud, identity theft, and ransomware attacks. As long as data remains profitable, cybercriminals will continue looking for ways to exploit it.
Despite the growing risks, many businesses, especially small and medium-sized enterprises (SMEs), struggle to implement strong cybersecurity strategies. Limited resources, tools, and knowledge leave them vulnerable. Almost half of SMEs rate their cybersecurity understanding as “average” or “below average,” and 1 in 5 don’t even recognise the term “phishing.” Thus, without proper defences in place, these businesses become easy targets.
You might assume that increased awareness and investment in cybersecurity would deter hackers, but in many cases it does the opposite. As the government and businesses implement stricter security measures, cybercriminals evolve their tactics, seeing new barriers as challenges to overcome.
Date: May 2019
Users Affected: 137 million users worldwide
In May 2019, Australian tech unicorn Canva, one of the world’s most popular online design tools, fell victim to a monumental data breach, impacting 137 million users worldwide. With over 55 million active monthly users, Canva’s breach was one of the biggest cybersecurity incidents in Australia’s history.
A cybercriminal identified as “Ghosticplayers” successfully breached Canva’s defences, gaining access to sensitive user data, including:
Unlike most hackers who attempt to sell stolen data on dark web forums, Ghosticplayers reached out directly to the media outlet ZDNet to boast about the attack.
Fortunately, Canva was able to detect and stop the attack while it was in progress. While Ghosticplayers claimed to have obtained OAuth login tokens (used for Google sign-ins), Canva found no evidence that these were downloaded or used to access user accounts. Similarly, the hacker briefly viewed files containing partial credit card and payment data, but there were no signs of financial data being stolen.
To mitigate the impact of the breach, Canva:
Date: March 2023
Users Affected: 14 million customers from Australia and New Zealand
In March 2023, Australian personal loan and financial services provider Latitude suffered a massive cybersecurity breach, compromising the sensitive information of 14 million customers across Australia and New Zealand. What initially seemed like a relatively small breach affecting 328,000 customers quickly escalated after an investigation identified 14 million affected customers.
The attack began when a single set of employee credentials was stolen, granting cybercriminals access to Latitude’s customer database. The stolen data included:
One of the most alarming aspects of the Latitude breach was that much of the compromised information dated back to 2005. This raised concerns about why customers’ records were stored beyond the legally required seven-year timeframe, as keeping outdated data unnecessarily increases the risk of exposure in the event of a cyberattack, as the Latitude breach showed.
To contain the breach, Latitude took its systems offline to prevent further access and prioritise the protection of personal data. The company also:
Date: September 2022
Users Affected: 9.8 million customers
In September 2022, Optus, one of Australia’s largest telecommunications companies, saw a breach affecting the personal data of 9.8 million customers (almost 40% of the Australian population).
The breach sparked major policy criticisms about the state of cybersecurity in Australia and the effectiveness of existing security measures.
The breach occurred when cybercriminals, believed to be working for a state-sponsored operation, gained access to Optus’ internal network via an unauthorised API endpoint, a critical vulnerability that didn’t require traditional user authentication methods like usernames or passwords.
Customer information breached included:
The stolen data quickly appeared on online forums, and the hackers demanded a $1.5 million ransom in cryptocurrency. However, under pressure from law enforcement, the hackers reversed course, apologising and claiming that they had deleted the data.
The incident is still under investigation, but it has prompted organisations across Australia to re-evaluate the sensitive data they hold and critically assess their data storage and collection practices.
Date: December 2022
Users Affected: 9.7 million people
In December 2022, Medibank, one of Australia’s largest health insurance providers, became the victim of a high-profile data breach, exposing sensitive data including:
The breach was believed to be carried out by REvil, a ransomware group based in Russia. The cyberattack was made possible by the theft of internal credentials belonging to an individual with privileged system access, likely obtained through phishing tactics – the use of deceptive messages, often disguised as legitimate communications, to trick individuals into revealing sensitive information, such as usernames, passwords, or credit card details.
The breach was first discovered when REvil posted a folder containing 6GB of raw data samples on a dark web blog, claiming that much larger amounts of data were available for release and demanding a $10 million ransom. Medibank refused the ransom demand, staying firm in its commitment to not negotiate with criminals.
Despite the data being fully released on the dark web, to date, no cases of identity theft or financial fraud have been confirmed as a result of the breach. However, customers have been urged to remain vigilant against potential phishing scams and to monitor their credit reports to protect themselves.
In the aftermath of the breach, Medibank has invested significant resources into strengthening its cybersecurity infrastructure. The breach is currently under investigation by the Office of the Australian Information Commissioner (OAIC), which is examining Medibank’s information handling practices. If it is found that the company did not have adequate security measures in place, it could face a $50 million fine.
Date: July 2020
Users Affected: 444,000 records
ProctorU is an online exam proctoring service that suffered a breach in July 2020. The breach exposed user records, including email addresses, of students from several prominent Australian universities:
The breach impacted records dating back to 2014 but did not involve financial information.
Impact and Response
Once the breach was detected, ProctorU promptly notified the affected universities, which in turn alerted their students. The company worked to ensure the exposed data was secured and prevented further unauthorised access.
The breaches of Canva, Latitude, Optus, Medibank, and ProctorU serve as a reminder that no company, no matter how big or secure, is immune to cyber threats.
Cybercriminals are always evolving, finding new ways to exploit vulnerabilities. While companies may have strong defences in place, these incidents show that breaches can still occur, especially when it comes to vulnerable employee credentials or outdated data storage practices.
The key takeaway is that cybersecurity is a core business practice. These breaches are a sobering reminder that cybersecurity threats require constant vigilance, investment, and a proactive approach to ensure businesses and individuals are protected.
To defend against cyber threats, it’s essential to be proactive. By having the right measures in place, you can significantly reduce the risk of a breach.
It’s clear that even some of the nation's largest and most trusted organisations have fallen victim to cyber-attacks. The unfortunate truth is that the question is not if your business will be targeted, but when. The real challenge lies in ensuring that you're prepared, with robust security measures in place to mitigate and minimise.
At CRT Network Solutions, we specialise in helping businesses safeguard their digital assets through comprehensive security audits and tailored cybersecurity strategies. Our expert team will work with you to identify vulnerabilities, strengthen your defences, and implement proactive measures to ensure that your business stays one step ahead. Get in touch today and start protecting what matters most.