
Cyber black market selling hacked ATO and MyGov logins shows Medibank and Optus only tip of iceberg
The highly sensitive information of millions of Australians including logins for personal Australian Tax Office accounts, medical and personal data of thousands of NDIS recipients, and confidential details of an alleged assault of a Victorian school student by their teacher is among terabytes of hacked data being openly traded online.

Key points:

  • ABC Investigations can reveal confidential documents about private school students and NDIS participants were published without their knowledge
  • Included for sale or ransom were legal contracts and remote access to an Australian manufacturing company
  • Security experts believe the cyber black market is, by some measures, the third largest economy in the world

An ABC investigation has identified large swathes of previously unreported confidential material that is widely available on the internet, ranging from sensitive legal contracts to the login details of individual MyGov accounts, which are being sold for as little as $1 USD.
The huge volume of newly identified information confirms the high-profile hacks of Medibank and Optus represent just a fraction of the confidential Australian records recently stolen by cyber criminals.
At least 12 million Australians have had their data exposed by hackers in recent months.
It can also be revealed many of those impacted learnt they were victims of data theft only after being contacted by the ABC.
They said they were either not adequately notified by the organisations responsible for securing their data, or were misled as to the gravity of the breach.

One of the main hubs where stolen data is published is a forum easily discoverable through Google, which only appeared eight months ago and has soared in popularity — much to the alarm of global cyber intelligence experts.

Anonymous users on the forum and similar websites regularly hawk stolen databases collectively containing millions of Australians' personal information.
Others were seen offering generous incentives to those daring enough to go after specific targets, such as one post seeking classified intelligence on the development of Australian submarines.
"There's a criminal's cornucopia of information available on the clear web, which is the web that's indexed by Google, as well as in the dark web," said CyberCX director of cyber intelligence Katherine Mansted.
"There's a very low barrier of entry for criminals … and often what we see with foreign government espionage or cyber programs — they're not above buying tools or buying information from criminals either."
In one case, law student Zac's medical information, pilfered in one of Australia's most troubling cyber breaches, was freely published by someone without a clear motive.
Zac has a rare neuromuscular disorder which has left him unable to walk and prone to severe weakness and fatigue. The ABC has agreed not to use his full name because he fears the stolen information could be used to locate him.
His sensitive personal data was stolen in May in a cyber attack on CTARS, a company that provides a cloud-based client management system to National Disability Insurance Scheme (NDIS) and NSW out-of-home-care service providers.
The National Disability Insurance Agency (NDIA), which is responsible for the NDIS, told a Senate committee it had confirmed with CTARS that all 9,800 affected participants had been notified.
But ABC Investigations has established this is not the case. The ABC spoke with 20 victims of the breach; all but one, who later found a notice in her junk mail, said they had not received a notification or even heard of the hack.
The leaked CTARS database, verified by the ABC, included Medicare numbers, medical information, tax file numbers, prescription records, mental health diagnoses, welfare checks, and observations about high-risk behaviour such as eating disorders, self-harm and suicide attempts.
"It's really, really violating," said Zac, whose leaked data included severe allergy listings for common food and medicine.
"I may not like to think of myself as vulnerable but I guess I am quite vulnerable, particularly living alone. Allergy records, things that are really sensitive, [are kept] private between me and my doctor and no one else but the people who support me. That's not the sort of information that you want getting into the wrong hands, particularly when ... you don't have a lot of people around you to advocate for you."

The CTARS database is just one of many thousands being traded on the ever-growing cybercrime black market. These postings appear both on the clear web, used every day through common web browsers, and on the dark web, which requires special software for access.
The scale of the problem is illustrated by the low prices being demanded for confidential data. ABC Investigations found users selling personal information and log-in credentials to individual Australian accounts, including MyGov, the ATO and Virgin Money, for between $1 and $10 USD.
MyGov and ATO services are built with two-factor authentication, which still protects an account whose username and password have been compromised, but people commonly reuse the same email address and password elsewhere, so the same login details could be used to get into less-secure services that do not require a second factor.
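The credential-reuse risk described above, as an added example (not code from the ABC article or from any organisation named in it): a screening script that checks a local user store of salted PBKDF2 password hashes against a leaked plaintext email:password dump of the kind traded on these forums, and reports matching accounts with those lacking a second factor listed separately as the most urgent. The user records, the dump lines and the function names are all constructed for the illustration.

```python
"""Screen a local user store against a leaked credential dump.

Added illustration; the user store and the dump are constructed
sample data. Local passwords are stored as salted PBKDF2-HMAC-SHA256
hashes, while leaked dumps are usually plaintext, so each leaked
password is re-hashed with the matching user's own salt and compared
in constant time. A hit means the user's local password is the one
already circulating, whether or not this service itself was breached.
"""
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor (assumption for the example)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_user(email: str, password: str, mfa_enrolled: bool) -> dict:
    """Build a user record the way a real store would: random salt, hash only."""
    salt = os.urandom(16)
    return {"email": email, "salt": salt, "hash": hash_password(password, salt),
            "mfa": mfa_enrolled}


# Constructed user store. The plaintexts exist here only to build the hashes.
USERS = [
    make_user("alice@example.com", "Winter2022!", mfa_enrolled=False),
    make_user("bob@example.com", "correct horse battery staple", mfa_enrolled=True),
    make_user("carol@example.com", "Summer2021", mfa_enrolled=True),
    make_user("dave@example.com", "unrelated-strong-passphrase-9x", mfa_enrolled=False),
]

# Constructed leaked dump in the common "email:password" line format.
# Includes a wrong password for bob, a mixed-case duplicate for carol,
# an unknown user, and a malformed line, so the parser has to cope.
LEAK = """\
alice@example.com:Winter2022!
bob@example.com:notbobspassword
carol@example.com:Summer2021
Carol@Example.com:oldpassword
eve@example.com:whatever
garbage line without a separator
"""


def parse_dump(text: str) -> dict:
    """Map lowercased email -> set of leaked plaintext passwords."""
    creds = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue  # skip blanks and malformed lines
        email, _, password = line.partition(":")
        creds.setdefault(email.lower(), set()).add(password)
    return creds


def find_reused(users: list, creds: dict) -> list:
    """Return (email, mfa_enrolled) for every user whose current password is in the dump."""
    hits = []
    for user in users:
        for leaked_pw in creds.get(user["email"].lower(), ()):
            candidate = hash_password(leaked_pw, user["salt"])
            if hmac.compare_digest(candidate, user["hash"]):
                hits.append((user["email"], user["mfa"]))
                break  # one match is enough to force a reset
    return hits


def triage(hits: list) -> dict:
    """Everyone matched needs a reset; accounts without a second factor come first."""
    return {
        "force_reset": sorted(email for email, _ in hits),
        "no_mfa_urgent": sorted(email for email, mfa in hits if not mfa),
    }


if __name__ == "__main__":
    result = triage(find_reused(USERS, parse_dump(LEAK)))
    for bucket, emails in result.items():
        print(f"{bucket}: {', '.join(emails) or '-'}")
```

Matching is done by re-hashing the leaked plaintext under the stored salt rather than by comparing dumps to each other, which is what lets a defender act on a dump even when the leak came from an unrelated site. The second-factor flag decides ordering only; a matched account with a second factor still gets its password rotated.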
One cyber intelligence expert showed the ABC a popular hackers forum, in which remote access to an Australian manufacturing company was auctioned for up to $500. He declined to identify the company.
CyberCX's Ms Mansted said the "black economy" in stolen data and hacking services was by some measures the third largest economy in the world, surpassed only by the US and Chinese GDP.
"The cost of buying a person's personal information or buying access to hack into a corporation, that's actually declining over time, because there is so much information and so much data out there," said Ms Mansted.
Cyber threat investigator Paul Nevin monitors online forums where hundreds of Australians' login data are traded each week.
"The volume of them was staggering to me," said Mr Nevin, whose company Cybermerc runs surveillance on malicious actors and trains Australian defence officials.
"In the past, we'd see small scatterings of accounts but now, this whole marketplace has been commoditised and fully automated.
The development of that capability has only been around for a few years but it shows you just how successful these actors are at what they do."
In Melbourne, the Kilvington Grammar School community is reeling after more than 1,000 current and former students had their personal data leaked in October by a prolific ransomware gang, Lockbit 3.0.
The independent school informed parents via emails, including one on November 2 that stated an "unknown third party has published a limited amount of data taken from our systems".
Correspondence sent to parents indicated this "sensitive information" included contact details of parents, Medicare details and health information such as allergies, as well as some credit card information. However, the cache of information actually published by Lockbit 3.0 was far more extensive than initially suggested.

ABC Investigations can reveal the ransomware group published highly confidential documents containing the bank account numbers of parents, legal and debt disputes between the school and families, report cards, and individual test results.
Most shocking was the publication of details concerning the investigation into a teacher accused of assaulting a child and privileged legal advice about the death of a student.
Kilvington Grammar has been at the centre of a coronial inquest into Lachlan Cook, 16, who died after suffering complications of Type 1 diabetes during a school trip to Vietnam in 2019. Lachlan became critically ill and started vomiting, which was mistaken for gastroenteritis rather than a rare complication of his diabetes.
The coroner has indicated she will find the death was preventable because neither the school nor the tour operator, World Challenge, provided specific care for the teenager's diabetes.
Lachlan's parents declined to comment, but ABC Investigations understands they did not receive notification from the school that sensitive legal documents about his death were stolen and published online.
Other Australian organisations recently targeted by Lockbit 3.0 included a law firm, a wealth management firm for high-net-worth individuals, and a major hospitality company.

Kurtn 7 Dec 11
A link for those that want the source: []

anglophone Level 8 Dec 11, 2022

ATO and myGov a worry. Kinda glad though as it means a fully digital world, including money, is a ways off as long as keeping ID security integral in the digital world remains so unsecured and seemingly easy to hack and be compromised.

puff Level 7 Dec 11, 2022

Australian Signals Directorate is supposed to be our online security agency. Kinda quiet now that we have real present threats to our security. Seems they are too busy censoring Australian citizens' media and cyber traffic. Perhaps Peter Dutton can explain to us what perceived possible internal terror threat trumps actual cyber terrorism?? Albo, please explain why these hackers have such free rein and we are too backward to stop them. Where is the Aust Signals Directorate??? Holidaying in Hawaii with Scomo??

@Kurtn What we need to do is develop our own software, using blockchain I suspect. Totally secure so no-one can hack. A bit of Aussie ingenuity like wine bags, fibre optic cable and the Hills Hoist.

@puff I second that motion
