In a troubling development for Australia’s cybersecurity landscape, the Department of Home Affairs has confirmed that sensitive personal data has been compromised following a breach at ZircoDATA, a third-party data management firm. This breach, attributed to the notorious Black Basta ransomware gang, involved the theft of approximately 395 gigabytes of data, including financial documents and personal user information. The Department’s Free Translating Service, managed by The Migration Translators—a subsidiary of ZircoDATA—has been directly impacted, with compromised data potentially including users’ full names, dates of birth, mobile numbers, email addresses, visa details, and even driver’s license and passport information.
ZircoDATA’s breach came to light in February when the ransomware group listed the stolen data on a dark web leak site, revealing the severity of the incident. Following this, the firm began its investigation and response, notifying relevant authorities such as the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC). By July 2024, ZircoDATA had informed the Department of Home Affairs about the breach and the potential exposure of sensitive data. Despite confirming that its own systems remained unaffected, Home Affairs acknowledged that cybercriminals had accessed data stored by ZircoDATA.
This incident is not an isolated case, as it has also affected other organizations, including public healthcare provider Monash Health. Monash Health revealed that sensitive data related to domestic violence support services was among the information accessed during the ZircoDATA breach. The healthcare provider confirmed that it had received information indicating that archived data from the family violence and sexual assault support units had been compromised, raising serious concerns about the safety of vulnerable populations whose information was exposed.
The National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, stated that the investigation into the breach’s full extent is ongoing, with several government entities still working with ZircoDATA to identify the impacted data and affected individuals. The Australian government is committed to ensuring that those whose information has been compromised are notified and supported. This incident underscores the critical need for stringent cybersecurity measures, particularly when sensitive personal data is managed by third-party contractors, to protect individuals from potential harm and exploitation.
Reference:
