Top 7 Biggest Data Breaches In Australia

Photo of author
Written By Cooper Bancroft

I'm Cooper Bancroft, a Melbourne-based web designer with 9+ years of experience. I believe in the transformative power of a well-designed website for businesses, bloggers, and online stores.

Top 7 Biggest Data Breaches In Australia

Data breaches can be disastrous for any business, especially when sensitive client information is at risk. According to an ABS survey, 1 in 10 Australian businesses experienced data breaches in 2018. This article highlights the seven biggest data breaches in Australia and what we can learn from them.

Red Cross

The biggest data breach in Australia occurred in 2016 when a 1.74 GB file containing the donor records of 1.28 million people was stolen from the servers of the Red Cross Blood Service. The stolen data included personal information such as names, addresses, dates of birth, and medical histories. Businesses must prioritize cybersecurity measures, and in case of a breach, they should follow protocols and inform their clients immediately.


Nova entertainment experienced a massive security breach in late 2018, in which over 250,000 customers had their personal information stolen by hackers. The majority of the stolen data was collected between 2009 and 2011. Although the passwords were protected by hashing, it is important to take preventive measures and ensure passwords are strong and difficult to guess.

LandMark White

In early 2019, property valuation firm LandMark White suffered a data breach that affected approximately 100,000 customers. Although bank account information was not stolen, personal contact details and property valuation information were compromised. Lenders like the Commonwealth Bank of Australia and ANZ Bank suspended LandMark White from their valuer panels during the investigation. Australian businesses must ensure they have adequate security protocols in place and ensure their third-party vendors do too.


Software firm Citrix experienced a massive data breach in March 2019. Although the company is still not sure what documents were accessed, as much as 6TB of data was stolen through a brute-force method called “password spraying.” Australian companies must encourage their employees to use strong passwords and implement multifactor authentication where possible.


Design company Canva experienced a data breach in the summer of 2019 that affected as many as 139 million users. The hackers stole usernames, passwords, and email addresses. Canva faced public criticism for their handling of the attack and notification of customers. This highlights the importance of prompt and transparent communication with clients during and after a data breach.

Australian National University

In early June 2019, Australian National University reported a major data breach that affected some 200,000 individuals connected to the university. The hackers obtained data about staff, students, and payroll information stretching back almost 19 years. Although no credit card information or sensitive financial information was taken, personal information such as names, addresses, and tax file numbers were compromised. This breach emphasizes the importance of regularly reviewing and updating security protocols and keeping them up-to-date with the latest threats.

Australian Catholic University

In June 2019, Australian Catholic University reported that a number of staff and student email accounts had been stolen by hackers through a phishing scheme. Personal details such as bank account information, staff and student calendars, and other sensitive information were compromised. This breach highlights the importance of regular cybersecurity training for employees to prevent such attacks.

In conclusion, these data breaches serve as a reminder that businesses must prioritize cybersecurity measures and ensure they have adequate security protocols in place. It is important to regularly review and update these protocols and keep them up-to-date with the latest threats. Australian companies must take a proactive approach to cybersecurity and be transparent and prompt in notifying their clients of any breaches.


As the integration of digital technologies becomes increasingly vital to modern society, it is anticipated that the number of attempted data breaches will rise. A report released by the Office of the Australian Information Commissioner (OAIC) indicated that over 10 million individuals in Australia have experienced the release of their personal data due to a breach within the past year.

To prevent similar breaches from occurring within your own business, it is recommended that you select an Australian-based dedicated web host that is securely hosted with numerous malware and virus protection systems. Alternatively, a VPS web host that is equally as secure may be chosen. For more information, please refer to my post detailing the best VPS web hosting Australia has to offer. Personally, I prefer to utilize a cloud web hosting provider due to the multiple servers they offer in the event of a security breach.

With Australia’s current population hovering around 25 million individuals, it is apparent that almost half of the nation has fallen victim to having their data stolen online. For this reason, it is imperative that business owners and web administrators alike recognize the warning signs of a data breach and take precautionary measures to safeguard against the leaking of sensitive information.

Leave a comment