2025 Data Breach lists
The Complete List of Data Breaches in Australia
January 2025
February 2025
March 2025
January 2025
| No | Affected Company | Industries | Data breach Details | Threat Actor |
|---|---|---|---|---|
| 1 | MediSecure | Healthcare | Exposed personal and health information of 12.9 million Australians, including names, birth dates, addresses, Medicare numbers, and prescription details. | The exact perpetrator is unknown, but likely a sophisticated cybercriminal group using ransomware techniques. |
| 2 | Cyberhaven | Browser security and software development | Attackers hijacked authenticated sessions, exfiltrating sensitive company credentials from over 400,000 users. | Likely cybercriminals using an OAuth-based phishing attack to compromise Chrome Extensions. |
| 3 | Volkswagen (including Audi, Skoda, and Seat) | Automotive and technology | Exposed data of 800,000 EV owners, including names and precise vehicle geolocation. | A misconfiguration in Volkswagen’s software subsidiary, Cariad, left the data exposed (discovered by the Chaos Computer Club). |
| 4 | Evidn | Applied behavioral science and government consultancy | Hackers claim to have stolen 50GB of data, potentially affecting government and private sector clients. | Everest ransomware gang, a Russian-speaking cybercriminal group. |
| 5 | Spectrum Medical Imaging | Healthcare and medical imaging | Exfiltrated financial and customer data, including names and medical information | INC Ransom, a ransomware group |
| 6 | ARDEX Australia | Tiling, flooring, and waterproofing | Exfiltrated business documents, personal data, emails, and confidential information | Medusa ransomware gang |
| 7 | Austin’s Financial Solutions | Wealth management and financial services | 147GB of stolen data, including employee passports, payroll data, and contracts | Kairos ransomware gang |
| 8 | Globelink International | Freight forwarding | 22GB of stolen data, including company debtors, creditors, and internal documents | Qilin ransomware operation |
| 9 | DBG Health (including Arrotex Pharmaceuticals) | Pharmaceuticals, Healthcare | 2.5TB of stolen data, including patient information, employee details, and business plans | Morpheus ransomware gang |
| 10 | University of New South Wales (UNSW) School of Physics | Education | Cyber attack on website, no specific impact detailed | RipperSec hacking group |
| 11 | Novati Constructions | Construction | Stolen contracts, financial data, incidents, emails, and client correspondence | Lynx ransomware gang |
| 12 | Unique Cars and Parts | Automotive (Car Parts) | No specific details provided; website targeted | RipperSec hacking group |
| 13 | Muswellbrook Shire Council | Local government, mining, agriculture, equine, electricity production, and tourism | 175GB of stolen data including council correspondence, rate payments, and personal information of employees and residents | Ransomware gang SafePay, suspected to be Russian-speaking or based in Russia |
| 14 | Christian Community Aid (CCA) | Not-for-profit charity providing community support services. | Stolen data includes various file types (.jpg, .mp4, .xls, etc.), though the volume is unspecified. | Ransomware gang Space Bears, suspected to be based in Russia |
| 15 | JB Hi-Fi (falsely claimed) | Retail (home entertainment and technology). | No actual breach; the data sample matched a 2023 Dymocks incident. | Threat actor “LordAbe,” known for selling recycled public leaks |
| 16 | Clutch Industries. | Automotive manufacturing. | 350GB of stolen data, including employee records, business documents, financial information, shared user folders, engineering documents, and sales data. | Lynx ransomware group |
February 2025
| No | Affected Company | Industries | Data breach Details | Threat Actor |
|---|---|---|---|---|
| 1 | Natures Organics | Sustainable goods manufacturing (personal care and household products) | 142.85GB of stolen data, including passport and driver’s license scans, bank transaction histories, employee payslips, and internal communications | Medusa ransomware group |
| 2 | Regency Media (defunct since 2023) | Media production (discs, VHS, and audio cassettes) | 16GB of stolen data, including NDAs, driver’s licenses, passports, contact details, and financial data. | Akira ransomware group |
| 3 | Australian National University (ANU) | Education and research | Alleged theft of student and teacher data, but no evidence of an active ransomware threat was found | FSociety ransomware group |
| 4 | Albright Institute of Language and Business | Education (private training organization) | Stolen data includes passport scans, visa application documents, study offer letters, payment plans, and detailed student records (e.g., names, IDs, emails, results) | KillSec ransomware group |
| 5 | Brown and Hurley | Truck and trailer dealership | 170GB of stolen data, including HR documents, business contracts, customer data, and financial information | Lynx ransomware group |
| 6 | Genea Fertility | Healthcare (IVF and fertility services) | 940.7GB of stolen data, including personal and medical information such as names, Medicare numbers, medical histories, test results, and prescriptions | Termite ransomware group |
| 7 | Pound Road Medical Centre (PRMC) | Healthcare (medical services) | Stolen patient data, including Medicare and pension card details, medical records, personal information, and CCTV footage | Anubis ransomware group |
| 8 | Riverina Medical and Dental Aboriginal Corporation (RivMed) | Healthcare (Aboriginal and Torres Strait Islander services) | Potential access to personal and sensitive data; exact details under investigation | INC Ransom ransomware group |
March 2025
| No | Affected Company | Industries | Data breach Details | Threat Actor |
|---|---|---|---|---|
| 1 | Zurich Insurance Group | Insurance | Allegedly stolen 1,400 sensitive internal files, including financial documents, contracts, agreements, and communications. | Threat actor “Rey” |
| 2 | Wendy Wu Tours | Tourism and travel | Stolen data includes valid passport scans, pre-travel forms with personal details, emergency contacts, and frequent flyer numbers | KillSec ransomware group |