auDA has completed its investigation into the alleged cyber incident.
auDA’s comprehensive investigation indicates that there is no evidence that cyber criminals have accessed auDA systems or have auDA data.
What occurred
On Friday 18 August auDA became aware that cyber criminals claimed to have accessed auDA data. We quickly alerted authorities and since that time have worked diligently to verify their claim. auDA also engaged additional specialist services to support it to manage this incident.
On Sunday 20 August, the cyber criminals leaked a small sample of data (five screenshots) that they claimed was from auDA systems. Upon receiving the screenshots, we continued our investigation and identified the files listed in the screenshots were not stored on auDA systems.
Our investigation has identified:
- The source of the data breach was an Australian sole trader, with an Australian domain name
- That sole trader’s server was subject to a malware attack by the cyber criminal on 10 August 2023
- The sole trader’s data was encrypted and a ransom payment was sought
- The sole trader did not respond to the cyber criminal and did not pay any ransom
- auDA was then alerted that the cyber criminal claimed to be in possession of auDA data and commenced an investigation immediately
- There is no evidence that cyber criminals have accessed auDA systems, or have obtained auDA data.
Next steps
Data security is of utmost importance to auDA. We remain vigilant to security threats at all times.
We again encourage everyone to remain vigilant to potential malicious online activity. We remind individuals, sole traders, small businesses and other organisations to ensure that their computers and servers are patched to the latest versions of operating systems and application software.
ENDS
For queries: contact auDA here or call us on 1300 732 929 (within Australia) or +61 3 8341 4111 (international).
For media: contact media@auda.org.au.
