Personal information of tens of thousands of Aussies leaked as data firm with links to 200 companies is breached | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

By Zak Wheeler For Daily Mail Australia

15:46 04 May 2024, updated 16:15 04 May 2024

  • 200 Australian companies compromised in hack
  • Tens of thousands of documents leaked 
  • READ MORE: Qantas app data leak 

Russian hackers successfully breached a data firm used by hundreds of Australian companies and government agencies, resulting in the details of tens of thousands of Aussies being auctioned off on the dark web.

ZircoDATA and the federal government have begun the process of working out what data was compromised from more than 200 Australian organisations impacted by the February breach.

It was revealed on Friday that hackers accesses 4,000 sensitive documents from Monash Medical Centre and the electronic profiles of 60,000 Melbourne Polytechnic students.

Among the leaks from Monash Medical Centre, the Queen Victoria Hospital and Southern Health were archived documents relating to family violence and sexual support units in Melbourne‘s east between 1970 and 1993.

National Cyber Security Co-ordinator, General Michelle McGuinness, said on Friday that the government was working closely to identify the scope of the hack. 

In February ZircoDATA said in a statement that an ‘unauthorised third party’ accessed its systems after the hackers said they had done so on the dark web.

The web post, by known cyber ring Black Basta, detailed an auction for the stolen information which prompted an AFP investigation.

The federal government is working with Victorian data company ZircoDATA who suffered a data breach in February (stock pictured)
Among the documents stolen were 4,000 archived files from Monash Medical Centre which concerned sexual violence in Melbourne’s east

Following the February 22 post and subsequent investigation Ms McGuinness said Friday that ‘the impact for most government entities is likely to be minimal’.

READ MORE: One million Aussies at risk of identity theft 

City of Sydney RSL is among dozens of pubs and clubs caught up in a major data breach

‘[We] are still in the process of working with ZircoDATA to identify impacted data and any victims, and are yet to begin notifying impacted individuals,’ she said. 

Monash Health said that it is verifying the identities of those compromised before contacting them in order to not inadvertently expose them to reprisals from the hackers.

Chief executive Professor Eugine Yafele told The Age that he was helping in the investigation and was sorry to those that have been affected. 

‘Of utmost importance to us is providing support to those people who may be impacted by this breach,’ he said.

‘We are deeply disappointed to be in this position and understand the distress this may cause any impacted clients.’

Mr Yafele said his teams were working ‘tirelessly’ to identify those who are impacted by the hack, which Ms McGuinness said was especially distressing as some stolen files related to sexual violence. 

‘This is a distressing development for those who have, or believe they may have, been impacted by this exposure,’ Ms McGuiness said on X.

ZircoDATA is still trying to determine the full list of affected persons and organisations and in the meantime Monash Health has launched a website and hotline for those worried that their documents might have been stolen.

National Cyber Security Co-ordinator, General Michelle McGuinness, said on Friday that the government was working closely to identify the scope of the hack
The federal government is working with ZircoDATA and those organisations affected by the hack to figure out who is affected

Melbourne Polytechnic revealed the enrolment information for 60,000 past and present students, collected and stored by ZircoDATA, had also been accessed by the hackers.

Chief executive Frances Coppolillo said the hackers retrieved ‘low-risk identity attributes’ including names, student identification numbers, addresses at the time of enrolment and birth dates. 

‘Melbourne Polytechnic apologises unreservedly to everyone affected by this incident,’ Ms Coppolillo said in a statement.

‘We have contacted every current student impacted and are endeavouring to contact past students, many of whose contact details may have changed over the past 10 years.’

In dark web posts from Black Basta boasting about the hack the group claimed to have accessed 395 gigabytes of ZircoDATA archives, which included passports scans, individual immigration identifiers, and other sensitive documents. 

Another group, Crypmans, also allegedly breached ZircoDATA systems in January. 

The AFP launched an invstigation into the breach after a known cyber ring announced an auction for the stolen data on the dark web on February 22 (stock pictured)

Cybersecurity firm Cyble tracks known hacking groups and scours the dark web for information and alerts on company breaches and has confirmed that it was assisting multiple companies affected by the ZircoDATA breaches.

Cyble’s Kapil Barman said he was not sure if the hacks were related but that both used the same vulnerability to get into ZircoDATA’s systems.

Cybersecurity manager of Risk Associates who also works with Cyble, Sameer Pradhan, told the publication that he had identified 191 Australian organisations affected by the hacks.

On Saturday, the Department of Home Affairs confirmed its investigation into the matter. 

The department could not confirm who was responsible for the hacks or which government agencies had been affected. 

The CSIRO said that it had not been notified of any exposure through the breach and the Australian Pesticides and Veterinary Medicines Authority did not respond to questions. Both are listed as ZircoDATA clients.

Information Commissioner Sean Morrison has confirmed that his office ‘will continue to monitor the incident and … receive updates as necessary’.


Click Here For The Original Story From This Source.


National Cyber Security