Search This Blog

Showing posts with label ACSC. Show all posts

Oxfam Australia 1.7 Million users Compromise with the Data Breach

 

Recently, a hacking threat group has supposedly infected the data of 1.7 billion users, which is being investigated by Oxfam Australia – a humanitarian and non-profit organization that witnessed data breach and blatant violation of privacy. 

Oxfam Australia is a secular association which is focused on development and assistance, it is an autonomous organization that operates within the broader framework of Oxfam Umbrella to eradicate poverty across Australia, Asia, Africa, and the Middle East.

The company said in a statement on Thursday 4th of February, that they were informed about the data breach at the end of last week and that they immediately instigated an investigation to uncover the motives, origins, and damage incurred. 

Oxfam Australia is investigating a possible violation of privacy after a threat actor claimed to sell their database on a hacker website. The dark web database sample contains email addresses, names, physical addresses, telephone numbers, and donation sums, which seems to be all legit data to customers. One of the records includes legal donor data from threat actor pooled sample data. Although it is still unknown whether any data has been compromised, it was revealed earlier this week that a threat actor was trying to sell a charity database. Forensic experts were asked to help determine whether data were accessed and whether their supporters were affected. Oxfam Australia said they are currently undertaking investigations into the breach and have reported the infringements to the Australian Cyber Security Centre (ACSC) and Office of the Australian Information Commissioner (OAIC). 

"Late last week, Oxfam Australia was alerted to a suspected data incident. Oxfam immediately launched an investigation and engaged market-leading experts to assist in identifying whether data may have been accessed and any impact on its supporters." 

Chief Executive Lyn Morgain said, “Oxfam Australia had reported the matter to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) while continuing to investigate the suspected incident.” 

In order to warn them of the alleged violation, Oxfam contacted supporters and stakeholders. Although no official confirmation was issued for the cyber-attack, an information violation has probably occurred based on the threat actor details. 

In these regards, all contributors and registered users on the Oxfam Australia platform need to update their passwords. They also need to change it if they use the same password on other pages. Threat actors may also use the data suspected to conduct targeted phishing attacks in that database. Both donors can watch for phishing attacks from Oxfam and submit additional personal details. 

Morgain added that “We are committed to communicating quickly to our supporters once the facts have been established, and we will provide updates as we learn more.”

Australian Cyber Security Centre Hit by Cyber Security Attack

 

The Australian Cyber Security Centre is on high alert for the vulnerability lately. The Australian corporate regulator has been the latest high-profile survivor of a hacking attack on the same program that used to target both the New Zealand Reserve Bank and the Allens law firm. On Monday (25th January) evening, a 'cyber safety incident involving a server used by ASIC' was said to have been hit by the Australian Securities and Investments Commission. 

It all started when the Australia Securities Regulator reported that a server that was used to move files, including credit license applications, recently had a data security violation, where possibly some information has been viewed. The ASIC (Australian Securities and Investments Commission) said it became aware of the case on 15 January, but the credit license form(s) or attachments did not seem to have been downloaded, however. 

Furthermore, the ASIC stated that “This incident is related to Accellion software used by ASIC to transfer files and attachments. It involved unauthorized access to a server which contained documents associated with recent Australian credit license applications.” Moreover, the regulator also said that “While the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor. At this time ASIC has not seen evidence that any Australian credit license application forms or any attachments were opened or downloaded.” Accellion's file transfer program framework is a two-decade-old product but was revised last year after it heard about system vulnerabilities. The same incident occurred with the file-sharing software provided by Accellion based in California. The same software was also used by the New Zealand Central Bank, which suffered a cyber attack earlier this month. 

The server was disabled and there was no abuse of any other tech infrastructure, added the ASIC, “No other ASIC technology infrastructure has been impacted or breached. ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident.” 

“ASIC’s IT team and cybersecurity advisers engaged by ASIC are undertaking a detailed forensic investigation and working to bring systems back online safely,” says the regulator.