View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 2, 2019

2019’s First Data Breach: It Took Less than 24 Hours

30,000 state government's details phished....

By CBR Staff Writer

The first data breach of 2019 was reported less than 24 hours into the New Year.

The details of an estimated 30,000 Australian civil servants were stolen when a directory was downloaded by an unauthorised third party – believed to have phished the email address of a government employee in the state of Victoria.

The Victoria Premier’s Department said it had referred the breach to police, the Australian Cyber Security Centre and the Office of the Victorian Information Commissioner, Australia’s ABC network reported.

2019’s First Data Breach

The data set held details including work emails, phone numbers and job titles. Staff were told no banking or financial information was held in the directory.

“The Government will ensure any learnings from the investigation are put in place to better protect against breaches like this in the future,” the department said.

The incident comes two days after Australia’s national radio station operator Nova Entertainment also warned that a “legacy dataset” of information collected from listeners has been breached and “publicly disclosed”.

CEO Cathy O’Connor said in a statement that the data was collected between May 2009 and October 2011 and included personal information including name, gender and date of birth, contact information and user account details.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Read this: Morrisons Loses Data Breach Appeal: A “Serious Warning” for Business Leaders

The incident follows a year in which large scale breaches became the norm.

These include Facebook (up to two billion accounts scraped), the Marriott Hotel chain (over 500 million guests’ details), and Under Armour (150 million users’ details) to name just three. The equivalent to 291 records were stolen or exposed every single second in the first half of 2018, security company Gemalto’s Breach Level Index shows.  

The website, which tracks compromised email accounts, now recognises 5.6 billion accounts as “pwned”. 

(The website’s “pwned passwords” section meanwhile hosts 517,238,891 real world passwords previously exposed in data breaches.)

UK enterprises unsure how robust their databases are would be wise to start 2019 with a security audit: a late October ruling by the High Court means businesses have a greater duty of care than ever to protect employee’s data. The ruling held supermarket Morrisons  “vicariously liable” for a former employee leaking personal information of some 100,000 members of staff. The supermarket lost its appeal on October 23 in what was the UK’s first data protection class action, made by 5,518 claimants.

See also: GDPR Encryption Clause: Is This the “Get Out of Jail Free” Card for a Data Breach?

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.