This month in security: May 2020
Australian government mandates privacy protections for COVIDSafe app
New legislation dictates that user data can only be stored for 21 days, along with significant penalties for any misuse of data collected through the app.
Looks like the Australian public’s concerns around COVID tracking apps and data privacy have been heard. The government has passed new legislation specifying how data may be stored on a mobile, transmitted by the user to the National COVID Data Store and accessed by State and Territory authorities for the purposes of contact tracing. The source code for the iOS and Android versions of the COVIDSafe app has also been released by the Digital Transformation Agency (DTA). Though there are still a few questions about what happens to the data post-COVID, legislation like this is definitely a big step in the right direction.
Service NSW suffers email breach
Customer information from Service NSW was leaked when the email accounts of 47 staff members were hacked a few weeks ago.
Even though internal cybersecurity teams stopped the attack and limited the breach, the hack still affected the contents of email accounts which contained information about transactions made over the phone or over the counter at their offices. We’ve already talked about how criminals are targeting government agencies and infrastructure, and as more and more government services go digital, securing them is becoming an even bigger challenge.
MyBudget suffers outages in the midst of ransomware attack
The Money management company confirmed a ransomware attack that left 13,000 customers without access to their customer portal.
The Adelaide-based company said its systems were likely compromised when moving its employees to remote working arrangements amid Coronavirus social distancing measures. Financial data is highly confidential, and an incident like this can be a huge blow to the reputation of any finance company. In the competitive digital service economy, cyber resilience and business continuity are quickly becoming table stakes.
Cyberattack on BlueScope Steel disrupts its Australian operations
The steel products manufacturer reported a cyber incident that affected its sales and manufacturing operations in Australia.
A cyber incident was detected in one of the company’s U.S. businesses, causing delays and shutdowns to ripple through their Australian operations. They had to revert to manual processing in some areas while they recovered from the incident. In our interconnected economy, any local vulnerability can quickly become a global-scale cyber incident, and securing supply chains is quickly becoming a major security issue.
Toll Group hit by a new ransomware attack
The Australian logistics giant Toll Group was targeted by its second ransomware attack this year, affecting internal and customer-facing systems.
After recovering from a ransomware attack earlier this year, Toll Group has been struck again -- this time with Nefilim malware. Nefilim is a new form of ransomware based on Nemty and uses AES-128 encryption to lock and encrypt files. While believed to be unrelated to the previous MailTo security incident, Toll was better prepared this time around, securing its core systems, scrubbing infected servers and relying on stored backups to continue operations rather than paying the ransom. Looks like cyber resilience is quickly becoming standard practice as industries adapt to escalating cyber risks.