Australia government looses visa holders sensitive details in cyber attack

Ransomware Attack

A cyber attack targeting the database of technology service provider ZicroDATA has reportedly resulted in the leak of sensitive information pertaining to Australian visa holders. The compromised data includes full names from visa applications, phone numbers, dates of birth, driving license details, passport numbers, and aspects of medical history.

As of now, there is no evidence indicating that this leaked information has been misused. However, the breach could have far-reaching consequences for various agencies, including law enforcement, national security, emergency management, immigration, and cybersecurity, as ZicroDATA provides services to these entities in addition to the Department of Home Affairs (DHA).

Such sensitive data can potentially lead to phishing attacks, identity theft, and other social engineering tactics.

The cyber attack on ZicroDATA occurred in January 2024, and by February, some of the stolen data was found for sale on the dark web. However, the company officially reported the data breach to the DHA only in June. They noted that all visa applicants who utilized the Free Translation Service (FTS) between 2017 and 2022 were affected, while the data of other visa applicants remained secure.

Meanwhile, Monash Health, which provides healthcare services, announced in May that it had become aware of the data breach. The breach involved archival data stored on the ZicroDATA platform, covering the period from 1969 to 1993.

Michelle McGuiness, coordinator of National Cyber Security, stated that the Australian government learned of the incident in May and has launched an investigation, with results expected to be made public by mid-next month. This will help clarify the number of customers impacted by the breach.

ZicroDATA specializes in Records and Information Management, offering services that include digitizing physical documents, data storage, language translation, and data destruction since 1995. In response to the breach, the company has treated this incident as a wake-up call and has implemented measures to enhance its cybersecurity infrastructure by August 2024.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display