The advent of digital transformation has seen businesses and individuals rely more on technology to store and manage sensitive data. This has increased the amount of data that is available for hackers to target.

Data breaches have become a persistent threat to organizations and individuals worldwide. Hackers and cybercriminals are continually developing new and advanced techniques to penetrate security systems and gain access to sensitive information.

In the face of this treat, many organisations have not implemented adequate security measures to protect their data. This can include weak passwords, unsecured networks, and outdated software, making them vulnerable to attacks.

Human error is also a major cause of data breaches, despite the best efforts of organisations to educate their employees about cybersecurity. This can include accidental disclosure of information, lost or stolen devices and failure to follow security protocols. The treat of employees, current and former, who are willing to leak sensitive data is also an issue.

As a result, data breaches have become more prevalent, affecting organisations of all sizes and industries.

Below is a collection of articles about some data breaches around the world:

• Queensland University of Technology Ransonware Attack
• LinkedIn 2012 data break and 2021 data scrape
• Australian Red Cross Blood Service data breach
• Credit Suisse leaked records
• Australian National University data breach

Queensland University of Technology Ransomware attack

A cyber attack at Queensland’s second-largest university has caused campus printers to spit out ransomware notes in bulk.

The Queensland University of Technology has shut down multiple IT systems as a precaution.

QUT Vice-Chancellor Professor Margaret Sheil said her own printer was among those affected this morning.

The ransom note purports to be from ‘Royal ransomware’, which Professor Sheil said ran a “well-known” ransomware scheme.

Read more:

• ABC News, 22 December, 2022
• ABC News via MSN, 13 January, 2023

Linkedin

2012 Data breach

Last week [19 May, 2016], news sources reported that the data breach that occurred at LinkedIn in 2012 was actually much, much larger than original thought. The breach was originally thought to have affected almost 6.5 million accounts, but security researchers have now discovered a much larger data dump, containing 117 million login credentials, offered for sale on the dark web. LinkedIn has acknowledged the news and has taken steps to invalidate credentials for all accounts that have not yet reset their passwords since the data breach occurred, reminding all users that changing passwords frequently is a recommended security practice, as well as recommending that users consider two-factor authentication.

Read more: Linkedin, 31 May, 2016

2021 Data scraping

…

Reports the records of 92 per cent of the Microsoft-owned company’s users – 700m people – were being offered for sale for $6600 ($US5000) on darkweb sites spread quickly, with the data analysed and found to contain details including user email addresses, full names, phone numbers, physical addresses, geolocation records, personal and professional experience, and more.

LinkedIn was quick to look into the situation, emphasising in a statement that “this is not a data breach and no private LinkedIn member data was exposed”.

Read more:

• Information Age, 7 July, 2021
• Linkedin, 3 August, 2021

Australian Red Cross Blood Service data breach

The Australian Red Cross Blood Service (Blood Service) website www.donateblood.com.au allows individuals to book appointments to donate blood.

Precedent Communications Pty Ltd (Precedent) managed the website www.donateblood.com.au for the Australian Red Cross Blood Service (the Blood Service).

On 5 September 2016, a Precedent employee inadvertently saved a backup of a database file containing information relating to approximately 550,000 prospective blood donors, who had entered their details on the Donate Blood website, to a public-facing web server (the data breach). The data file was discovered and accessed by an unknown individual on 25 October 2016. On the same day, the individual notified the Blood Service via a number of intermediaries. The Blood Service immediately took steps to contain the breach.

You can read the Investigation reports from Precedent Communications and from Australian Red Cross Blood Service.

A media release from the Office of the Australian Information Commissioner, 7 August, 2017.

Credit Suisse

…

After its luxury watches, snow-capped mountains, and superior chocolates, the Alpine nation of Switzerland is perhaps known best for its secretive banking sector. And at the heart of that sector is Credit Suisse, which over its 166-year history has become one of the world’s most important financial institutions.

…

But, as a new global investigation spearheaded by the German newspaper Süddeutsche Zeitung and OCCRP reveals, this glittering success has its murky side.

Journalists have obtained leaked records identifying more than 18,000 accounts belonging to foreign customers who stashed their money at Credit Suisse. The records are nowhere near a complete list of the bank’s clients, but they provide a revealing glimpse behind the curtain of Swiss banking secrecy.

Over 160 reporters from 48 outlets spent months poring through the data — and found that dozens of the accounts belonged to corrupt politicians, criminals, spies, dictators, and other dubious characters. These are not obscure names, their misdeeds often identifiable through a simple Google search. And yet, their accounts — which held over $8 billion — remained open for years.

…

Compliance experts who reviewed OCCRP’s findings said many of these people should not have been allowed to bank at Credit Suisse at all.

Organized Crime and Corruption Reporting Project and Süddeutsche Zeitung, 20 February, 2022

Read more:

• The New York Times, 20 February, 2022,
• The Guardian, 21 February, 2022

ANU releases detailed account of data breach

In early November 2018, a sophisticated actor gained unauthorised access to the ANU network. This attack resulted in the breach of part of the network known as the Enterprise Systems Domain (ESD), which houses our human resources, financial management, student administration and enterprise e-forms systems.

The initial means of infection was a sophisticated spearphishing email which did not require user interaction, ie clicking on a link or downloading an attachment. The actor’s dwell time on the ANU network was approximately six weeks, with most malicious activity ending around mid-December 2018, although there were some further attempts after this time.

…

That said, ANU acknowledges several technical vulnerabilities and people and process issues that contributed to the success of the actor’s campaign. ANU has either addressed these issues or, for more complex issues, is in the process of developing a response and remediation plan as part of our strategic information security program. A summary of lessons can be found in Table One of this report.

Click Incident Report

Australian National University, 2 October, 2019