Business phones system melbourne

All Posts / Cybersecurity Breaches in Australia in 2021

Cyber security

Cybersecurity Breaches in Australia in 2021

Abhishek Bhargva

Telco ICT

18/03/2023

Cybersecurity Breaches

Did you know there was a 13% surge in cyberattacks & 15% increase in ransomware attacks in 2021 when compared to 2020 as per Australian Cyber Security Centre (ACSC)?  

A whopping $33 billion loss was incurred by Australian individuals or businesses as per report of ACSC previous year. 

Mostly, cyberattacks/cyberthreats were rarely made public but some of the following data breaches surely made the news. Read on to know more about the cybersecurity breaches in Australia 2021: 

Tasmanian Ambulance (Jan 2021)

Residents who called out ambulances from Nov 2020 to January 2021 end up as victims of Cyber Threats in Australia. 

Before, Tasmanian ambulances used radio technology for communications networks. But the radio data was intercepted and converted to text by Cyberattackers, only to be posted online.  

Patient details, health condition or address details in pager messages were made public. As status, age, gender of even HIV patient went online, it lead to rise in discrimination. 

Northern Territory Government (Jan 2021):

Ransomware attack compelled the Northern Territory government to make the sensitive database go offline.  

Territorians who shared their business or personal emails for Covid-19 Territory Check In app, were at risk of Cyberattack Australia as their data was shared in data-breaching mass email.  

ASIC (JAN 2021)

Cybercriminals managed to access files of credit licence apps and breached the servers of Australian Securities and Investments Commission (ASIC). Federal agency used the file transfer app (the breach vector) to transfer attachments and files.  

Shortly after this cyberthreat, Accellion declared the end-of-life for this FTA product. Since December 2020, software has already been misused in cyberattack Australia to breach data of government agencies and companies around the world. 

Victims who got hit by this cyberattack Australia include: 

  • NSW Department of Health 
  • The Reserve Bank of New Zealand 
  • Singtel, Singapore’s largest telco 
  • The Washington State Auditor Office 
  • Queensland research institute  
  • The QIMR Berghofer Medical Research Institute  
  • NSW Department of Health 
  • The University of Colorado 

Transport for NSW (FEB 21)

In the Accellion attack, Transport for NSW was also the victim (not listed) who lost 250GB of information to Cybercriminals in Feb. 

Sensitive files or emails were shared on the dark web, where the leaked site belonged to an extortion group named CM0P. 

Oxfam Australia (Feb 2021)

A cyberthreat on Oxfam Australia led to hackers getting unauthorized access to files where 1.7 million supporters signed petitions, while participating in campaigns or making donations.  

Names, email id, gender, phone numbers and even addresses were accessed by the hackers. 

Eastern Health (Mar 2021)

Due to a cyberthreat, surgeries were cancelled by Eastern Health facilities located in Victoria. Although the Eastern Health made the system offline, ransomware made them to shutdown IT systems but thankfully, there was no loss in patient data.  

 Access of staff to patient records or management systems led to cancellation of surgeries which were not urgent and patients were disappointed due to delay. Later, several IT systems were restored but the source of attack is still unknown. 

Western Australian Parliament (Mar 2021)

A global cyberattack Australia made the news when a Microsoft Exchange Server Vulnerability was compromised & Western Australia Parliament’s mail server was accessed. Before Microsoft released patch release, the cyberattack Australia targeted zero-day exploit. 

No data was lost and the network remained protected even during state elections. No one was able to access the email platform for straight 19 hours due the cyberattack on Parliament. 

Nine Entertainment Co (Mar 2021)

This time, a cyberattack in Australia was made inside Nine Entertainment, a big media company. Cybercriminals encrypted the data but no demand for money was made. Later, ACSC was approached regarding this incident. 

TPG Telecom (Mar 2021)

Due to the cybersecurity breach of TPG Telecom in April, data of one of its customers was found on the dark web.  

A 5GB download was found from a customer of TrustedCloud Service (TPG), which was in the decommissioning phase after it got hacked on April 25th. 

UnitingCare Queensland (April, 2021)

A gang named REvil was suspected to be behind the attack on UnitingCare Queensland — an organization offering healthcare, disability support and aged care services across the state. 

REvil gang which runs a Ransomware-as-a-service (RaaS) even rents ransomware strains to several criminal gangs. As per a report in March, the cybercriminals demanded $50 million from UnitingCare after attacking the Taiwanese giant Acer and thus, making it one of the largest money demanded for data breaches (2021).   

Swinburne University (April, 2021)

Personal data of 100 students and 5,200 staff of Swinburne university including phone numbers, email id and names were made public due to cyberattack Australia.  

Cybercriminals got access to data from an event registration web page where people signed up for several events from 2013. The webpage is not available now but Swinburne took action and went for audit across other similar websites. 

Sunwater (Aug 2020 to May 2021)

One of the most unpredictable cyberthreats in Australia was reported from Queensland’s biggest regional water supplier named, Sunwater. 

Cybercriminals managed to run data breaches in 2021 without being detected for 9 months. While it lasted from August 2020 to May 2021, it recently made the news.  

After unauthorised access to online content management was found, Sunwater officials took action and improved security. Although no customer data or financial data was misused, they confessed to the cyberbreach only after Queensland’s Audit Office report. 

JBS USA & Australia (May 2021)

JBS, a USA based food processing company which supplies around 1/5th of meat across the world ends up as cyberthreat victim. By May, its impact  was felt across Australian and North Americans systems. 

Even this attack too was claimed to be from the REvil team. $15 million bitcoin was paid by JBS to the hackers who managed to creached their computer networks. Even if systems were retrieved without any help from REvil, JBS revealed that they end up paying money to REvil, as per one of their statements.  

Other Cyberattacks Australia in 2021 include:  

GoDaddy

One of largest data breaches in 2021 was felt with GoDaddy. It declared that around 1.2 million accounts were exposed in a data breach while filing with the United States Securities and Exchange Commission. 

Socialarks

Major data leak was suffered by this well known Chinese social media agency due to an unsecured ElasticSearch database. The database which got breached had data of 200 million LinkedIn, Instagram and Facebook users. 

Twitch

Entire code base was breached. Although its impact in 2021 is still not yet revealed, data of all users is at risk. Torrent link was used to post 125 GB of sensitive data on an anonymous forum named “4chan” making it a major cyberthreat. 

Pixlr

A cybercriminal named ShinyHunters dropped 1.9 million user records of users in Pixlr, an online photo-editor, on a dark web hacker forum.  

LinkedIn

In June 2021, an unbelievable data of 700 million LinkedIn users were exposed for sale in a Dark Web forum.  

Is your organization at risk of data breach? It is hard to tell for sure. Reach out to our team to secure your network and systems to eliminate any risk of cyberthreat in near future. 

Also Read – 8 Ways to Prevent Cyber Attacks and Data Breaches

Our Trusted Partners

  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
  • Telco ICT Group
Contact Us

Let’s Talk

    Area of Interest


    Common Questions

    Do you outsource your work overseas?

    No. We use local teams only. That way we can respond more quickly to any problems that may occur. We want your tech running smoothly so you can focus on what you do best.

    Is your support 24 hours?

    Yes. We have people available whenever you need us. We understand that your tech runs 24 hours, and you need it be working at all times.

    Are your services customised for my business?

    Yes. There is great off the shelf software. But we know one size never fits all. So anything we set up for you is designed to make your business run smoother and in the way you want it to.

    Are your services expensive?

    No. Reliable tech is the life blood of your business. We keep it running smoothly so your business can keep making money. All our services are fixed fees, so you never get any nasty surprises.

    What’s the next step?

    Simply book a chat with one of our experts. We’ll have a chat about exactly what you need and how we can help. If you like our approach then we’ll give you a fixed price quote and get everything up and running for you, fast!

    Telco ICT Group