Cybercrime , Fraud Management & Cybercrime , Geo Focus: Asia

Most Australian Breaches in 2023 Began With Credential Theft

Agency Says Credential-Based Attacks Are Causing More Damage Than Ransomware
Most Australian Breaches in 2023 Began With Credential Theft
On the left, Australian Information Commissioner Angelene Falk at the IAPP ANZ Summit in November (Image: OAIC)

Poor credential management practices hit Australian organizations hard in late 2023, accounting for a majority of cyber incidents affecting millions of people, the Office of the Australian Information Commissioner said.

See Also: From Epidemic to Opportunity: Defend Against Authorized Transfer Scams

The office on Thursday released data breach figures for July to December 2023 and said that compromised or stolen credentials accounted for a majority of cybersecurity incidents and 1 in 4 reported data breaches.

The agency said data breach notifications rose by 19% in the second half of the year, led by many successful campaigns by cybercriminals that used phishing, brute force attacks and other methods to gain access to corporate or customer credentials.

Attacks involving compromised or stolen credentials accounted for 56% of all cybersecurity incidents, compared to 27% for ransomware attacks.

The OAIC's findings come a week after cybercriminals used stolen passwords from previous breaches to hack into the Ticketet accounts of thousands of people who purchased tickets for Taylor Swift's "Eras Tour" concerts in Sydney and Melbourne. The scammers then sold those tickets at a premium to others, according to New South Wales police.

"The scammers will advertise their tickets 'at cost price' with a story behind why they can no longer attend. They may try to rush you into buying the tickets and transferring them money," police warned. "As well as the ticket price, they'll likely ask you to pay the extra fees to change the name on the ticket."

"Credential stuffing is a type of hack in which cybercriminals use previously stolen passwords from one website and try to reuse them elsewhere. This is what has happened to some Taylor Swift ticket holders whose accounts were hacked and their tickets were resold," said Australian cybersecurity minister Clare O'Neil.

On Sunday, hackers compromised the credentials of a contractor and accessed a legacy database of Australian telecom provider Tangerine. The company said Wednesday that the breach may have exposed the personal information of 232,000 subscribers (see: Breach at Aussie Telecom Tangerine Affects 232,000 Customers).

O'Neil tweeted that all organizations need to focus on securing access: "This is just one more reason for using strong and unique passphrases for different accounts and enabling multifactor authentication where possible. Remember: Cybersecurity will never go out of style."

The OAIC found that cybercriminals and scammers had reached more victims from password-related attacks than from ransomware. Brute force attacks affected an average of 803,222 individuals across seven incidents, and ransomware attacks affected an average of 57,900 individuals across 56 incidents.

About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.