Australia’s internet domain administrator, auDA, might have suffered a data breach. The organisation was alerted to an alleged data breach last Friday afternoon and had initially denied it was affected after it found no evidence of such an event from their investigation. However early this week the cyber criminal provided evidence of a small sample of the breach data. This included a screenshot of a file list from a computer. The hackers claim to have access to 15GB of data which includes powers of attorney & legal documents, passport information, personal data, medical reports, loan repayment information, death certificates and customer bank account details. auDA is a non-profit that is supported by the Australian government. They administer the .au domain name system and have more than 4 million .au domain names registered. The organisation is deemed to be a critical infrastructure for Australia. The Australian Cyber Security Centre, the Department of Home Affairs and the Office of the Australian Information Commissioner had been alerted of the alleged breach. The investigation is ongoing.
https://www.auda.org.au/statement/auda-statement
https://www.auda.org.au/statement/cyber-incident-update
https://www.itnews.com.au/news/hackers-claim-to-have-breached-auda-599411
https://therecord.media/australia-domain-name-admin-denies-data-breach
This segment was created for the It’s 5:05 podcast