This month in security: March 2021
Australian corporations hit by massive Microsoft Server hack
The ACSC confirmed that Australian organisations, which could include over 7000 servers locally, had been affected by the hack.
the ACSC raised a warning to Aussie corporations using Microsoft Exchange services to urgently patch their software after it was compromised by hackers earlier this month. The Cyberattacks on Microsoft’s Exchange servers have affected countless organisations across the world, including many in Australia. While Microsoft initially attributed the attacks to a Chinese hacking group known as Hafnium, other cybercrime groups had also jumped on the hacking bandwagon before the patches could be released. Microsoft has published a blog post explaining how to patch the product to protect it from the hack, so if you’re using MS Exchange services in any shape or form, best to get those patches installed ASAP.
Disruptions at hospitals in eastern Melbourne in wake of suspected cyberattack
Box Hill, Maroondah, Healesville and Angliss hospitals dealt with IT disruptions after some of their computer networks were taken offline.
The attack seems to have been targeted at Eastern Health, a related health organisation that also runs day hospitals and community health services, including Yarra Ranges Health, Yarra Valley Health, Wantirna Health and the Peter James Centre in Burwood East. Some elective surgeries had to be postponed or suspended while the incident was resolved. We’ve talked before about how vulnerable our healthcare sector is, and the situation is getting more serious as cyberattacks continue to scale up.
Ex-contractor accessed VIC government’s IT system 260 times a year after leaving
A former caseworker was able to access confidential information for months after leaving their role.
A report from The Office of the Victorian Information Commissioner (OVIC) revealed a data breach at the former Department of Health and Human Services (DHHS), in which a former employee of a contracted service provider (CSP) continued to have unauthorised access to client information long after their departure from their role. The security lapse was attributed to human error and gaps in the deprovisioning process in the system. The CSP in question has upgraded its security measures and the DHHS (now the DFFH) is on schedule to complete all the specified security actions required.
Airline travellers warned about data breach
Customers of Air New Zealand and Singapore Airlines may have been affected by a breach.
The breach was confirmed by SITA on February 24 with the public notified on March 4. Air New Zealand told its customers the compromised data was limited to their “names, tier status and membership numbers”, and did not include any passwords, credit card information or other personal consumer data. Malaysia Airlines also dealt with a separate data breach incident, which exposed the personal information of members in its frequent flyer program, some of which dates as far back as nine years. COVID may be keeping us from travelling, but that hasn’t stopped attackers from trying to get into our frequent flier miles.
Multinational dairy giant Lactalis targeted by cyberattack
The French dairy group Lactalis was targeted by hackers earlier this month, but claimed that there was no evidence of a data breach.
Lactalis, one of the world’s leading dairy groups, operates across 51 countries and also has a presence in Australia through their Oak, Ice Break and Galbani brands of dairy products. The company said a malicious third party attempted to breach its computer network, but it managed to contain the attack. Don’t risk getting milked by attackers. Review your cybersecurity before things go sour. (Okay, I'll stop with the milk-based puns now.)
Acer reportedly hit with ransomware attack, hackers demand $50 million
The attack looks to be the work of the REvil group that hit Travelex last year.
It looks like the famed Microsoft Exchange incident has impacted Taiwanese computer manufactuer Acer as well, with reports suggesting they’ve been hit by a ransomware attack and a $50 million ransom. Being a technology company, Acer is no stranger to cyberattacks and is currently investigating the incident.