Australia Faces a Series of Major Data Breaches
Australia has seen a significant increase in data breaches in 2024, often involving sensitive information such as passwords and financial details. Major companies affected include MediSecure, Ticketmaster, Shell, Telstra and Optus, leaving many individuals at risk of identity theft.
Learn how to check whether your data has been breached, what steps to take if it has, and the key lessons from these breaches for improving your cybersecurity.
2024 data breach incidents in Australia
1. Optus (September 2022)
Optus, one of Australia's largest telecommunications companies, experienced a major data breach affecting 10 million current and former customers, nearly a third of the country's population. Stolen information included names, dates of birth, home addresses, phone numbers, email addresses, and passport and driver's license numbers.
There are differing opinions on how the breach occurred. Optus described it as a sophisticated cyber attack, while an Optus insider and the Australian Government suggested human error caused a vulnerability in the company's API (Application Programming Interface, which allows different software applications to communicate with each other). Multiple class action lawsuits have been filed against Optus, seeking compensation for any losses or damages resulting from privacy breaches.
2. Telstra (April 2024)
Telstra, a major Australian telecommunications provider, has reported a data breach affecting customer information. Sensitive data such as names, email addresses, and phone numbers were compromised.
The breach was part of a larger data set posted on a hacking forum, which claimed to contain data from 47,000 customers, although most of this is believed to be fake data. Although the breach did not involve a cyberattack, the exposure of personal information can pose risks such as identity theft and targeted fraud.
3. Shell (May 2024)
In May 2024, Shell experienced a major data breach, exposing sensitive information from 80,000 records. The breach, carried out by hacker group “888”, affected many countries, including Australia, the UK, France, India, Singapore, the Philippines, the Netherlands, Malaysia and Canada. The stolen data included personal and contact information, putting those affected at risk of identity theft and targeted fraud.
Previously, in 2023, Shell also experienced a credential stuffing attack targeting employee credentials. A ransomware group exploited a vulnerability in the MOVEit file transfer platform, leading to a data breach affecting the personal information of employees, including those in Australia.
4. Ticketmaster (May 2024)
A hacker group called ShinyHunters claims to have stolen the personal information of 560 million Ticketmaster customers worldwide, including Australians. They said the stolen data included names, addresses, phone numbers and even partial credit card information. The group is demanding a $500,000 ransom in exchange for not selling this information to other parties (aka criminals).
While Ticketmaster has not yet confirmed the breach, the Australian government is working with the company to resolve the issue. This is especially worrying because Ticketmaster has a history of data breaches. According to Wired, ShinyHunters may have gained access by first compromising a contractor's computer and then using it to log into Ticketmaster's account on Snowflake, a cloud storage platform. This weakness highlights the importance of multi-factor authentication, which can prevent unauthorized access.
5. MediSecure (May 2024)
Until the end of 2023, MediSecure was one of only two prescription delivery services in Australia, allowing prescriptions, both paper and electronic, to be sent from doctors to the pharmacy of the patient's choice. A ransomware attack compromised the MediSecure database, exposing personal information such as names, addresses, and limited health information related to prescriptions. This large ransomware breach affected data from prescriptions filled before November 2023.
Following the incident, MediSecure entered administration, which saw an external administrator take control of the company to restructure and repay creditors. The Australian Government and various agencies have responded to minimize the impact on those affected.
How do I know if my data has been leaked?
In Australia, under the Notifiable Data Breaches scheme, many organizations are required to notify you if your personal data is involved in a data breach. They must provide you with the following information: a) their name and contact information, b) what information was breached, c) what happened, and d) what you should do to protect yourself. This notice may be sent via email, phone call, or physical mail.
Also, pay attention to:
1. Unusual account activity: Watch for unexpected changes to your online accounts, unauthorized logins, transactions, or strange accounts opened in your name. Regularly review your bank statements and credit reports to spot any signs of identity theft. Contact your financial institution immediately if you notice anything unusual.
2. Phishing: Be wary of fraudulent emails, phone calls, and text messages. Scammers can use your stolen information to impersonate legitimate organizations. These emails or calls may try to trick you into revealing personal information or clicking on malicious links. Always verify contact information by contacting the organization directly through their official channels.
What to do if your data is involved in a data breach
Change passwords for affected accounts, including online banking passwords and PINs. If you use the same password on multiple websites, change them all. Use strong and unique passwords for each account, ideally managed through a password manager like RICE VPN.
Enable multi-factor authentication (MFA) on all your accounts, if applicable, for an additional layer of security.
Monitor your bank and credit card accounts for unauthorized transactions. Get your credit report and check for unauthorized loans or applications. Report any suspicious activity to your bank.
Avoid email, text or call scams asking for sensitive information. Verify the legitimacy of any communication before responding.
Contact IDCARE anti-theft support if you suspect your identity has been stolen. This is a free identity and network support service that can help you secure your account and recover from identity theft.
Stay informed by reading official statements and reputable news sources. This helps you understand the breach and what data was compromised.
Complain about a data breach by contacting the relevant organization. If you are not satisfied with their response or do not receive a response, you can submit a written complaint to the Office of the Australian Information Commissioner (OAIC) after giving the organization 30 days to respond.
Focus on accounts and services where the type of compromised data matches the leaked information to minimize the risk of potential damage. Seek help from the police and other support services if necessary.
What are some lessons we can learn from Australia's data breaches?
1. Ransomware protection: The MediSecure ransomware attack highlights the need for layered security measures and continuous monitoring to minimize vulnerabilities.
2. Strong encryption for sensitive data: Given the nature of the Ticketmaster breach (stolen personal information and partial credit card information), any sensitive data must be encrypted both when stored and when transmitted, using strong encryption algorithms. This makes the data unreadable even if an attacker has access to it.
3. You are only as safe as your weakest link: If a business has strong security systems but sends data to another company that has vulnerabilities in its systems, that data will be vulnerable to attack. Businesses must verify, not just trust, that any data sent to their partners is safe there.
4. File transfer security: The MOVEit file transfer vulnerability exploited in the Shell breach shows the importance of securing file transfer platforms. Businesses need to assess and patch vulnerabilities in all systems containing sensitive data.
5. Securing data throughout its lifecycle: The Telstra breach highlights the need to classify and encrypt sensitive data, manage access controls and securely dispose of outdated information.
6. Securing APIs and minimizing the risk of human error: The Optus breach highlights the need to secure APIs against unauthorized access and the importance of strong cybersecurity practices that minimize human error as a weakness.