|

Tag: data breach

Australian data breaches exposes small businesses

Posted on by Leah Porter

A new wave of data breaches targeting Australians has exposed the personal information of home users and small businesses. The Australian Cyber Security Centre (ACSC) has received reports of email campaigns impersonating well-known service providers and using malicious attachments or links to infect devices with malware. These types of attacks are not new, but they have been on the rise in recent months.

What is a Data Breach?

A data breach is a security incident in which sensitive, confidential, or protected data is accessed and/or disclosed without authorization. Data breaches can occur when hackers gain access to systems or networks, or when employees inadvertently expose data through carelessness or malicious intent. Once a data breach has occurred, the perpetrator may sell or distribute the stolen data on the underground market.

Data breaches can have serious consequences for individuals and organizations. For individuals, a data breach can lead to identity theft, financial loss, and damage to reputation. For organizations, a data breach can result in fines, legal action, and damage to reputation. In some cases, data breaches can even lead to bankruptcy.

Who is at risk of a Data Breach?

The latest hack occurred recently at health insurer, Medibank. Up to 200GB of data was stolen. In response to not receiving their ransom, the attackers released the information on the dark web.

The overwhelming concern that massive organizations such as Optus or Medibank could be breached, and have that data leaked is evident.  So, what does that mean for small to medium-sized businesses?

Small businesses are particularly vulnerable to these types of attacks because they often lack the resources to invest in robust cyber security measures. There is often a lack of awareness on the part of these companies about how much information regarding their clients and employees has been compromised, which leads to loss of income and a loss of trust from their clients.

Large corporations with enough resources may be able to withstand such an event but it takes time before you can see any improvement in your business or income because there’s no quick fix for this type of situation.

Home users are also at risk, as many do not take the necessary steps to protect their personal information online. Taking steps to protect yourself from cyber-attacks is essential.

How to Protect Yourself from Data Breaches

There are several things you can do to protect yourself from data breaches. First, you should never provide your personal information—such as your Tax File Number (TFN) or credit card number—to anyone unless you know and trust them.

Second, you should only do business with companies that have strong security measures in place to protect your personal information.

Third, you should regularly monitor your credit activity for signs of fraud or identity theft.

Finally, you should always report any suspicious activity to your financial institution, ScamWatch and if necessary, the police.

Here are some additional steps you can take to protect yourself:

  1. Use strong passwords and don’t reuse them across different accounts.
  2. Enable two-factor authentication (2FA) whenever possible.
  3. Keep your software up to date.
  4. Be careful about what information you share on social media.
  5. Be cautious about clicking on links or opening attachments in emails, even if they appear to be from a trusted source.
  6. Use a reputable security suite to protect your devices.
  7. Back up your data regularly in case you need to restore it after a breach.
  8. Being aware of cyber-attacks and taking steps to mitigate them are important. This includes unexpected charges on your credit card or unusual activity on your bank account statements.
  9. If you think you may have been the victim of a data breach, report it to the relevant authorities immediately.

By being aware of the risks and taking measures to protect your personal information, you can help reduce your chances of becoming a victim of identity theft or another type of cybercrime.

If you are concerned you have had your data breached, contact us for a full assessment of your devices, system and network.

Optus Data Breach

Posted on by Leah Porter

The last several days have been a rollercoaster of information, regarding the Optus Data Breach. From a technical perspective, we break down what happened (or is alleged to have happened) and what to do.

How did it happen?

Allegedly the ‘hacker’ accessed the information by a vulnerability in Optus’ security protocols. However, Optus refutes these claims and maintain that this was a sophisticated attack by a highly skilled scammer.

Regardless of which is true, accessing basic personal information from a large corporation is clearly possible.

As the news of this fallout has continued, the likelihood that this was a sophisticated attack seems less likely. The alleged ‘attacker’ has since apologised for the 10,200 names that were released. They have promised not to sell any information and have deleted the files.

Although the attacker has stated these files have been deleted, customers should still be wary that the information may still be available somewhere, such as on the Dark Web.
The Dark Web is an area of the internet that normal internet-goers do not access. The platform is widely used for illegal activity including the sale of personal information. There is an online marketplace dedicated to the sale of data. Attackers will pay for quality and real information to use for phishing scams or spam attacks and other things of the like.

Can it happen again?

Absolutely. Unfortunately, even with sophisticated security protocols in place, there are even more sophisticated hackers and programs designed to get around them. Large corporations such as Optus do have solid firewalls and other security measures in place. However, as we know are not infallible.

Staying vigilant as an individual is paramount. Looking for signs of phishing scams, avoiding clicking on links that have been sent directly to you, and looking for other signs that what is presented to you isn’t quite right good practice.

What do I need to do?

If you are one of the 10,200 customers that have been affected by this data breach, you can now get a new driver’s license free of charge.

NSW customers can visit the Service NSW app and receive a new license instantly.

QLD license holders can expect new licenses and numbers issued free of charge also, upon providing an Optus data breach notice at a Queensland Transport Customer Service Centre.

Victorian customers need to reach out to VicRoads to have their license flagged. Customers will need to provide multiple points of ID, for a new new license to be issued.

Other states such as WA are requesting a police report for the re-issue to take place, SA can access via their app mySAGOV, and the ACT can simply go and change their license. Tasmania has not yet determined how they will re-issue new licenses yet.

The AFP has set up Operation Hurricane to track down the attacker and prosecute them for the current data breach.
Over the coming weeks and months, the true scope of what happened and who was to blame will hopefully come to light and we hope that Optus has taken this incident as a stern warning to better protect the valuable information that their customers are expected to provide.

Like this article? Follow us on Facebook for more info, tips and tricks!

Quick Enquiry

    Remote Support

    Looking for a FAST and EASY way to have your computer issues resolved?

    We have remote support options available!

    Find out more about our Remote Support!