ZircoDATA breach compromises thousands of personal information on dark web
- Replies 8
In an era when personal information is digitised and stored across various platforms, data security is paramount.
Unfortunately, ZircoDATA's digital defences, a data management firm with ties to over 200 Australian companies, were compromised.
This breach has led to the personal information of tens of thousands of Australians being leaked and auctioned off on the dark web, raising serious concerns about privacy and cybersecurity.
The breach, which occurred in February, has sent shockwaves through the Australian business and healthcare sectors.
Among the compromised data were 4,000 sensitive documents from Monash Medical Centre, including records from family violence and sexual support units and the electronic profiles of 60,000 Melbourne Polytechnic students.
The National Cyber Security Coordinator, General Michelle McGuinness, said the government has been working diligently to assess the full extent of the breach.
In February, ZircoDATA reported that an 'unauthorised third party' had gained access to its systems, following assertions from hackers on the dark web claiming such access.
The revelation of the hack came after the cybercriminal group Black Basta posted about the auction of the stolen data on the dark web, prompting an immediate investigation by the Australian Federal Police (AFP).
Monash Health's Chief Executive, Professor Eugine Yafele, expressed his organisation's commitment to supporting those affected and acknowledged the distress caused by the breach.
'Of utmost importance to us is providing support to those people who may be impacted by this breach,' he said.
'We are deeply disappointed to be in this position and understand the distress this may cause any impacted clients.'
'This is a distressing development for those who have, or believe they may have, been impacted by this exposure,' McGuiness said on social media.
The breach has also highlighted the vulnerability of educational institutions. Melbourne Polytechnic disclosed that enrollment information for past and present students had been accessed.
The data included names, student identification numbers, addresses at the time of enrollment, and birth dates.
Frances Coppolillo, the Chief Executive of Melbourne Polytechnic, apologised and assured that efforts were being made to contact those affected.
'Melbourne Polytechnic apologises unreservedly to everyone affected by this incident,' Coppolillo said in a statement.
'We have contacted every current student impacted and are endeavouring to contact past students, many of whose contact details may have changed over the past 10 years.'
The dark web posts by Black Basta boasted of accessing 395 gigabytes of ZircoDATA archives, which included passport scans, individual immigration identifiers, and other sensitive documents.
Another group, Crypmans, is also believed to have breached ZircoDATA's systems in January using the same vulnerability.
Cybersecurity firms like Cyble have been assisting companies affected by the ZircoDATA breaches.
Cyble's Kapil Barman and Risk Associates' Sameer Pradhan have been tracking the fallout, with Pradhan identifying 191 Australian organisations affected by the hacks.
The Department of Home Affairs has confirmed its investigation into the matter, although it has not yet identified the perpetrators or the full list of affected government agencies.
ZircoDATA clients, including the CSIRO and the Australian Pesticides and Veterinary Medicines Authority, have been on high alert, with the former stating it had not been notified of any exposure.
As the investigation continues, Information Commissioner Sean Morrison has assured the public that his office ‘will continue to monitor the incident and...receive updates as necessary'.
Have you been affected by a data breach? What measures do you take to protect your personal information? Let us know in the comments below!
Unfortunately, ZircoDATA's digital defences, a data management firm with ties to over 200 Australian companies, were compromised.
This breach has led to the personal information of tens of thousands of Australians being leaked and auctioned off on the dark web, raising serious concerns about privacy and cybersecurity.
The breach, which occurred in February, has sent shockwaves through the Australian business and healthcare sectors.
Among the compromised data were 4,000 sensitive documents from Monash Medical Centre, including records from family violence and sexual support units and the electronic profiles of 60,000 Melbourne Polytechnic students.
ZircoDATA's breach has led to thousands of personal information leaked and auctioned off on the dark web. Credit: Shutterstock
The National Cyber Security Coordinator, General Michelle McGuinness, said the government has been working diligently to assess the full extent of the breach.
In February, ZircoDATA reported that an 'unauthorised third party' had gained access to its systems, following assertions from hackers on the dark web claiming such access.
The revelation of the hack came after the cybercriminal group Black Basta posted about the auction of the stolen data on the dark web, prompting an immediate investigation by the Australian Federal Police (AFP).
Monash Health's Chief Executive, Professor Eugine Yafele, expressed his organisation's commitment to supporting those affected and acknowledged the distress caused by the breach.
'Of utmost importance to us is providing support to those people who may be impacted by this breach,' he said.
'We are deeply disappointed to be in this position and understand the distress this may cause any impacted clients.'
'This is a distressing development for those who have, or believe they may have, been impacted by this exposure,' McGuiness said on social media.
The breach has also highlighted the vulnerability of educational institutions. Melbourne Polytechnic disclosed that enrollment information for past and present students had been accessed.
The data included names, student identification numbers, addresses at the time of enrollment, and birth dates.
Frances Coppolillo, the Chief Executive of Melbourne Polytechnic, apologised and assured that efforts were being made to contact those affected.
'Melbourne Polytechnic apologises unreservedly to everyone affected by this incident,' Coppolillo said in a statement.
'We have contacted every current student impacted and are endeavouring to contact past students, many of whose contact details may have changed over the past 10 years.'
The dark web posts by Black Basta boasted of accessing 395 gigabytes of ZircoDATA archives, which included passport scans, individual immigration identifiers, and other sensitive documents.
Another group, Crypmans, is also believed to have breached ZircoDATA's systems in January using the same vulnerability.
Cybersecurity firms like Cyble have been assisting companies affected by the ZircoDATA breaches.
Cyble's Kapil Barman and Risk Associates' Sameer Pradhan have been tracking the fallout, with Pradhan identifying 191 Australian organisations affected by the hacks.
The Department of Home Affairs has confirmed its investigation into the matter, although it has not yet identified the perpetrators or the full list of affected government agencies.
ZircoDATA clients, including the CSIRO and the Australian Pesticides and Veterinary Medicines Authority, have been on high alert, with the former stating it had not been notified of any exposure.
As the investigation continues, Information Commissioner Sean Morrison has assured the public that his office ‘will continue to monitor the incident and...receive updates as necessary'.
.png){kind=icon}
