1. OCAU Merchandise is available! Check out our 20th Anniversary Mugs, Classic Logo Shirts and much more! Discussion in this thread.
    Dismiss Notice

Consolidated Major Australian Data Breaches Thread

Discussion in 'Networking, Telephony & Internet' started by ipv6ready, Sep 23, 2022.

  1. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    It's more likely the potential customers of this information will be most interested in those records that have linked CC details... the others, probably/hopefully not so much.



    JSmith
     
  2. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    Identity theft is big business.
     
  3. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    Absolutely, or they wouldn't bother.

    The most valuable records (i.e. command a higher price) from my understanding are those that contain full or partial CC details though, rather than just name/address/email. Those with DOB's would also be a bit concerning.

    Let's hope not too many people used the same password for this as their internet banking email.

    Anyone know how they got attacked yet?



    JSmith
     
  4. Tinian

    Tinian Member

    Joined:
    Jan 3, 2009
    Messages:
    21,394
    Location:
    15.0° N, 145.63° E
    I went to check and couldn't progress into my profile because it asked for my mobile.
     
  5. chook

    chook Member

    Joined:
    Apr 9, 2002
    Messages:
    6,365
    Same here. I suspect that their entire site has been breached and now the attackers are just trying to harvest more data to fill in the blanks. Luckily I have different passwords for everything so it's not that big a deal for me on that front but I can't remember if I unlinked my credit card last time I bought something.
     
  6. mesaoz

    mesaoz Member

    Joined:
    Jan 15, 2015
    Messages:
    11,674
    Location:
    Brisbane
    more likely they’ve enforced 2fa to prevent further damage…
     
  7. chook

    chook Member

    Joined:
    Apr 9, 2002
    Messages:
    6,365
    It wasn't just a "hey what's your mobile so we can send you a message screen" it was a please enter your name, address, etc. form which they should already have.
     
    mesaoz likes this.
  8. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    Related, so I'll pop this here;

    https://www.abc.net.au/news/2024-05...ion-takes-down-ransomware-networks-/103917618


    JSmith
     
  9. mesaoz

    mesaoz Member

    Joined:
    Jan 15, 2015
    Messages:
    11,674
    Location:
    Brisbane
    I was telling a colleague about ukraine's troll farms and ransom groups that we stopped talking about when the ruzzia orc attacks begun.

    Good to see action, but it does feel like stopping these groups will just be like cutting the head off a hydra though.
     
  10. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    Is Ticketek the same mob as Ticketmaster?
     
  11. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    Nah... Ticketek is Ticketmasters competitor here and is owned by 9 Entertainment. Ticketmaster is from the US, massive global corp., Live Nation Ent.



    JSmith
     
  12. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    Ok because this is an email I received tonight....

     
  13. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    Shit, that's not good. It's concerning they say;

    We would like to reassure you that Ticketek has secure encryption methods in place for all passwords and your Ticketek account has not been compromised.

    ... and then;

    The available evidence at this time indicates that, from a privacy perspective, your name, date of birth and email address may have been impacted.



    JSmith
     
  14. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    That's shorthand for we encrypted the passwords but didn't bother to encrypt the account details that the passwords belong to.

    They have a lot of confidence in the security of the passwords and payment details.
    But I imagine they also had a lot of confidence in the security of the systems that got breached, right up until they were breached.
     
  15. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    Yeah we know.
     
    mAJORD likes this.
  16. supasaiyan

    supasaiyan Member

    Joined:
    Nov 17, 2006
    Messages:
    6,278
    Location:
    3000
    MUTMAN likes this.
  17. gav1ski

    gav1ski Member

    Joined:
    Aug 9, 2001
    Messages:
    323
    Location:
    Sydney
    MUTMAN likes this.
  18. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    Well looks like you got your wish...

    https://www.abc.net.au/news/2024-06-05/hacked-health-company-goes-into-administration-/103938942
    ... doesn't seem right to me. I think Govt needs to think about this more. It should be a helpful environment when these things happen, not always punitive.



    JSmith
     
  19. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    27,654
    There's no incentive for a company to do the right thing when it comes to the security of the data they collect.
    "The government will bail us out"
    "Too big to fail"
    etc etc

    Fuck them and fuck them hard.
     
    chook likes this.
  20. JSmithDTV

    JSmithDTV Member

    Joined:
    Jun 13, 2018
    Messages:
    12,631
    Location:
    Algol, Perseus
    I would agree... if we had details of how the breach occurred and it was clearly due to idiocy or non-concern. I don't think we can say black and white... there is a lot of grey.

    One can only assume this mob didn't have cyber security insurance.

    The Govt bails out many companies... look at all the money the tax payer spent on the car industry here for example, subsidies all over the place in other industries too.

    Why should the ICT sector be ignored?



    JSmith
     

Share This Page

Advertisement: