A recent cyber attack has targeted ZicroDATA, a technology service provider, leading to the unauthorized exposure of sensitive data related to Australian visa holders. The breach has compromised a range of information, including personal identifiers such as full names, phone numbers, dates of birth, driving license information, passport numbers, and elements of medical histories.
While there is currently no evidence of the leaked information being exploited, the implications of this breach are profound, affecting multiple sectors—including law enforcement, national security, emergency management, immigration, and cybersecurity—due to ZicroDATA’s extensive service relationships with these agencies, in addition to the Department of Home Affairs (DHA).
Such sensitive data is often a goldmine for malicious entities, as it can facilitate phishing schemes, identity theft, and various social engineering tactics. The initial cyber attack occurred in January 2024, and by February, segments of the compromised information were being offered for sale on dark web marketplaces. However, ZicroDATA did not formally report the data breach to the DHA until June, when it revealed that the incident affected all visa applicants who used its Free Translation Service (FTS) from 2017 to 2022, while the data of other applicants was not affected.
In a parallel development, Monash Health confirmed in May that it had detected a data compromise involving archival information stored on ZicroDATA’s platform, dating from 1969 to 1993. This adds another layer of concern regarding the safeguarding of historical data.
Michelle McGuiness, coordinator of National Cyber Security, stated that the Australian government was made aware of the incident in May and has initiated an investigation. The findings are anticipated to be disclosed by the middle of next month and are expected to better outline the extent of the breach and those affected.
ZicroDATA has specialized in Records and Information Management services, including document digitization, data storage, language translation, and secure data destruction, since its inception in 1995. The company views the incident as a critical alert, prompting it to enhance its cybersecurity framework with a comprehensive upgrade scheduled for completion by August 2024.