Data Breaches – Jan 2020

Below is a list of noteworthy data breaches that may impact Australian businesses.

Are Your Company’s Digital Credentials for Sale on the Dark Web?
Find Out with a Complimentary Dark Web Scan

Australia – P&N Bank 

Exploit: Information breach
P&N Bank: Financial services provider

Risk to Small Business: A third-party partner with P&N Bank was accessed by hackers, compromising the bank’s customer data. The breach occurred during a December server upgrade. In response, P&N shut down the servers to prevent further access or infiltration. Unfortunately, they may not have acted quickly enough, and will now have to manage the trifecta of customer outrage, media scrutiny, and regulatory oversight that’s likely to accompany the event.

Individual Risk: Although the bank doesn’t believe that customer data was misused, hackers could have accessed customers’ names, addresses, email addresses, phone numbers, customer numbers, ages, account numbers, and account balances. Those impacted by the breach should carefully monitor their accounts for unusual activity and enrolling in credit or identity monitoring services can ensure that their personal information remains secure.

Australia – Atlassian 

Exploit: Software vulnerability
Atlassian: Enterprise software company

Risk to Small Business: Security researchers identified a flaw in Atlassian’s software that exposed an SSL key that could be used by cyber criminals to redirect app traffic to malicious sites. In response, Atlassian pulled the website’s authentication certificate while it identifies and implements solutions. However, the matter is being openly discussed on Twitter, which means that the company will likely endure a degree of reputational damage. As an enterprise-focused business, this could dissuade potential clients from working with Atlassian in the future.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

New Zealand – Toll Group

Exploit: Cyberattack
Toll Group: Transport and logistics company

Risk to Small Business: A cyberattack has forced Toll Group to shut down many of its customer-facing network systems to contain any impact on customers and operations. Although Toll Group is referring to the incident as a “cyberattack,” it’s likely that this episode is the result of a ransomware attack. The company expects that many customer applications will be impacted. The incident underscores that opportunity cost that is increasingly driving up the cost of ransomware attacks. During the outage, it’s unlikely that Toll Group will be able to collect revenue, meaning the event could have a significant impact on its bottom line.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

In Other News:

Magecart Attack Targets Australian Bushfire Donations 

Australia’s bushfire natural disaster is one of the most profound in recent memories, inspiring donors from around the world to contribute resources to the cause. Unfortunately, a legitimate donations site was infected with a Magecart payment-card skimmer that stole donors’ personal information when making an online payment.

The breach was discovered by security researchers, who declined to identify the specific website impacted by the breach. Payment-card skimming malware is an increasing concern for e-commerce platforms, as it collects users’ most sensitive personal data. In addition, it undermines customer confidence in the online payment process, which could decrease their willingness to spend money online.

In this case, payment-card skimming could cost valuable resources in a dire situation. For all companies relying on e-commerce to drive revenue, it’s a reminder that customer confidence is a crucial component of successful online sales initiatives. 

By Robert Marsden 20 Dec, 2023
The global cost of a data breach last year was USD $4.45 million. This is an increase of 15% over three years. As we step into 2024, it’s crucial to be aware of emerging technology threats. Ones that could potentially disrupt and harm your business. Technology is evolving at a rapid pace. It’s bringing new opportunities and challenges for businesses and individuals alike. Not all technology is benign. Some innovations can pose serious threats to our digital security, privacy, and safety. In this article, we’ll highlight some emerging technology threats to be aware of in 2024 and beyond. Data Poisoning Attacks Data poisoning involves corrupting datasets used to train AI models. By injecting malicious data, attackers can skew algorithms’ outcomes. This could lead to incorrect decisions in critical sectors like healthcare or finance. Some actions are vital in countering this insidious threat. These include protecting training data integrity and implementing robust validation mechanisms. Businesses should use AI-generated data cautiously. It should be heavily augmented by human intelligence and data from other sources. 5G Network Vulnerabilities The widespread adoption of 5G technology introduces new attack surfaces. With an increased number of connected devices, the attack vector broadens. IoT devices, reliant on 5G networks, might become targets for cyberattacks. Securing these devices and implementing strong network protocols is imperative. Especially to prevent large-scale attacks. Ensure your business has a robust mobile device management strategy. Mobile is taking over much of the workload Organizations should properly track and manage how these devices access business data.
Share by: