After telco hack, Australia faces a wave of data breaches

A data breach at Australia's second-largest telco may have raised the country's profile as a hacking target, cybersecurity experts.

| Updated on: Oct 22 2022, 00:19 IST
Cisco, AppGuard, Symantec to Avira, here are top 5 cybersecurity companies in the world
1/5 Cisco- Specialist in network security and threat protection, domain security, energy management, Cisco also provides solutions in domains such as cloud threat intelligence, threat incident response, cloud security, next-generation firewalls, advanced malware protection, and email security for a safe and secure networking experience. (AP)
IBM Security
2/5 IBM Security- IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. Located in the USA, IBM also specializes in threat-hunting and response. (REUTERS)
3/5 AppGuard- Featured in the Top 25 CIO Application magazine in 2018, AppGuard is one of the world's most-trusted cybersecurity companies. It helps stop attacks in their preliminary stage and provides strong protection against almost undetectable types of malware. (AppGuard)
4/5 Symantec- Among the Fortune500 companies is Symantec, a threat protection company. Symantec focuses on mobile, cloud and endpoint protection. It provides cybersecurity services such as advanced threat protection, network security, cloud security, information protection, and email security. (Symantec)
5/5 Avira- Avira is considered one of the world's best cybersecurity companies. It specializes in antivirus and security software with products such as safe routers, password managers, antivirus software, and internet security. It also provides services for businesses such as exchange security, system integration, antivirus service, managed email security, and antivirus for the endpoint. (Wikimedia Commons)
Optus Data Breach
View all Images
Already larger Optus rival Telstra Corp Ltd has disclosed a small breach of employee data. (AP)

A data breach at Australia's second-largest telco may have raised the country's profile as a hacking target, cybersecurity experts said on Thursday, as federal police began investigating a separate breach at the country's top health insurer.

Since Singapore Telecommunications Ltd-owned Optus disclosed last month the theft of about 10 million customer records, equivalent to 40% of the country's population, the country's biggest companies and government bodies have been on high alert for repeat attacks.

Already larger Optus rival Telstra Corp Ltd has disclosed a small breach of employee data, while No. 1 grocery chain Woolworths Group Ltd said an unidentified party gained unauthorised access to the customer database of a bargain website used by 2.2 million shoppers.

Health insurer Medibank Private Ltd, which provides coverage for one-sixth of Australians, said on Wednesday that a hacker group had tried to negotiate payment for stolen policy-holder data. The company added that it was treating the unnamed party's demands seriously and halted trading in its shares pending an investigation.

"When you do have a highly visible breach like Optus in Australia out there, hackers take notice of that and go 'maybe I'll have a go down there and see what I can get away with,'" said Jeremy Kirk, executive editor at Information Security Media Group, a cybersecurity specialist publication.

Cybersecurity Minister Clare O'Neil said the Australian Federal Police (AFP) had opened an investigation into the Medibank attack, adding that, while the authorities did not know what had been stolen, any theft of healthcare records exposed people to having damaging personal information published.

The AFP said it was investigating but had no further comment.

"What we have here is ... healthcare information and that just on its own being made public can cause immense harm to Australians and that's why we are so engaged with this," she told the Australian Broadcasting Corp.

The high-profile data breaches show the importance of multi-factor authentication - where a person uses a code sent to a separate device to log in - at every level of a company's network, said Sanjay Jha, chief scientist for the University of New South Wales Institute for Cybersecurity.

"Maybe for end users they have done it, but for internal servers they should have even more stringent control," Jha told Reuters by phone.

"You need continuous authentication so that people don't log in and leave it forever, and then attackers can compromise your system," he added.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Oct, 00:19 IST