NCS acquires Dialog IT

By

-

March 7, 2022

Acquisition accelerates NCS’ regionalisation strategy in APAC and increases synergies between Australia and Singapore
Combines tech capabilities of NCS and Dialog to provide stronger end-to-end core IT and digital services for government and enterprise clients
Increases in-market headcount to 1,300 and provides new growth opportunities for Australian talent

SINGAPORE, AUSTRALIA, 7 MARCH 2022 – NCS today announced its acquisition of Australia’s largest privately-owned IT services company, The Dialog Group (Dialog), to better support the Australian public sector and enterprise clients in addressing their rising digital transformation needs. The acquisition of Dialog for A$325 million (S$325 million) is geared to unlock new growth opportunities in the Australian market and accelerate NCS’ regionalisation strategy. Reputed for its extensive services portfolio from IT consulting, application development to managed application services, Dialog has presence across Brisbane, Sydney, Melbourne, Canberra, Perth, Darwin, and Adelaide.

Mr Ng Kuo Pin, CEO of NCS, said, “This acquisition is a significant step in the regionalisation of NCS and leverages the combined strengths of NCS and Dialog and their established track records and reputations across both Singapore and Australia. The scale of this acquisition, our largest to date, reflects our firm commitment to growing our business beyond the shores of Singapore, particularly in Australia where we can also leverage the strategic presence of the Singtel Group.”

The acquisition combines Dialog’s core IT capabilities and NCS NEXT digital services to bolster its focus on innovation, cloud, artificial intelligence and data analytics. It also trebles the number of highly skilled IT specialists in its operations in Australia to 1,300 – ready to support clients from a multitude of sectors including government, healthcare, transport, communications, financial and commercial services. This combination of talent and expertise will create a stronger end-to-end suite of technology and digital services for NCS’ clients in Australia and across the region.

Ng added, “At NCS, our purpose is to advance our communities by harnessing technology and bringing people together to make the extraordinary happen. Similarly, Dialog’s commitment to clients and technology has made it one of the leading tech companies in Australia, serving both government and enterprise clients. This alignment of purpose makes Dialog a perfect fit. Collectively, our capabilities, talent and reach will fortify and consolidate our position in Australia and help our clients and the industry meet the digital transformation demands of the future economy.”

Advancing market position in Australia

As part of its transformational growth plan, NCS has been scaling its presence in Australia since December 2020 to serve clients in Australia through NCS NEXT, its digital innovation and services arm – which supports enterprises’ growing demand for digital transformation solutions. Together, Dialog and NCS will have greater opportunities for synergistic growth between Australia and Singapore as well as expertise to better support the needs of clients across both markets.

This latest deal follows NCS NEXT’s acquisition of Riley, a cloud consultancy with dedicated expertise in Google cloud applications and a majority investment in Eighty20 Solutions, a cloud transformation specialist with unique capabilities across Microsoft cloud platforms, thus offering a ‘best-of-cloud’ service portfolio to the Australian market.

Mr Alan Key, Dialog’s CEO commented, “Together, we will have a strong breadth and depth of capabilities and expertise for our clients here in Australia. Both NCS and Dialog’s talent development cultures and programmes will develop the best talent pipeline and create exciting jobs and growth opportunities.”

According to Gartner, IT spending in Australia is showing its strongest growth in a decade and is projected to grow 6.5% in 2022. The largest IT spending segment in Australia is IT services, which is expected to grow to A$39 billion in 2022[1].

Combined capabilities drive innovation and co-creation

With one of the highest Net-Promoter Scores (NPS) in the industry and a long-standing client base of governments and large enterprises, Dialog understands the unique needs of the market and augments NCS’ commitment to better serve a diverse range of clients in Government, Healthcare, Transportation, Financial Services, Industrial, Commercial, Communications, Media, and Technology sectors.

Government and enterprise clients can now access deep-tech capabilities across 55 specialisations to support their transformation needs including harnessing innovative digital and cloud technologies. They will also be able to leverage synergies from NCS NEXT Innovation Centres, spanning Singapore and Melbourne, to drive innovation through cross-border collaboration and co-creation.

A great place for talent to grow

The newly combined NCS and Dialog will unlock synergies in talent development and build a steady pipeline of tech talent for the Australian market. With the increased market presence, NCS and Dialog employees will have more options to achieve personal growth and mastery, opportunities to move across specialisations and work in various regions and industries, with different clients and partners to gain a wide range of experience. Depending on their skillsets and areas of interest, they also get to be involved in exciting and impactful projects, reflecting NCS’ commitment to building a place for talent to grow and thrive professionally.

The completion of the acquisition is subject to fulfilment of closing conditions, including relevant approvals from regulatory authorities and other third parties, and is expected to be completed within three months.

https://www.ncs.co/en-au/about-us/newsroom/ncs-fortifies-market-presence-in-australia-and-apac-with-s-325-million-acquisition-of-the-dialog-group/

Data breaches 2021 in Australia

By

admin

-

December 31, 2021

0

Lastpass – December 2021

LastPass Says It Didn’t Leak Your Password

Ubisoft – December 2021

Huawei – December 2021

Key details of Huawei security breach in Australia revealed

Victoria Police – December 2021

Charges over Victoria Police data breach

Finite Recruitment – December 2021

SA Government – December 2021

Gravatar – December 2021

Gravatar profile add-on leaks data on millions of users | Details of just under 114 million users in hackers’ hands

Panasonic – November 2021

ACT Government – November 2021

Tabcorp – November 2021

Tabcorp says bad data, technical error behind online betting breach | Took in-play bets on a US college basketball game

Australia’s Copyright Agency – November 2021

Australia’s Copyright Agency | investigates cyber incident | Notifies 37,000-plus members

GoDaddy – November 2021

Accenture – August 2021

FIFA21 – August 2021

Hackers ditch FIFA 21 secrets online after failed extortion attempt

Optus – 2019 Update

SafeWA – August 2021

Senior health officials raised concerns about SafeWA data breach long before election

Melbourne City Mission and the Department of Health and Human Services – 2017 Update

Victorian Ombudsman launches investigation into handling of child protection data breach

Uber – 2016 Update

Uber slapped on wrist for massive data breach | US parent argues exemption from privacy laws
Uber found to have breached privacy of 1.2 million Aussies in 2016| Privacy watchdog releases findings of investigation
Uber interfered with privacy of 1.2 million Australians

NSW Department of Education – July 2021

NSW Education Dept downed by cyber attack
NSW Education had unknown vulnerability in breached system
Notifying individuals affected by July’s cyber incident
Department of Education networks | The NSW Department of Education has been a victim of a cyber-security attack

Tasmanian State Growth – July 2021

Employee allegedly passed drivers’ information to debt collector

LimeVPN – July 2021

LimeVPN Suffers Major Data Breach, Over 69K Users at Risk | A hacker stole the backup database, customer payment details, private keys, and took the website offline.

Morningstar – June 2021

Morningstar data breach reveals KPMG deal maker lists | A software glitch has exposed the key companies garnering the interest of big four advisory group KPMG’s deal makers and restructuring experts.

LinkedIn – June 2021

LinkedIn denies data breach with 700 million records | Personal information on members found for sale
LinkedIn data from 700 million users for sale on hacking forum
LinkedIn hacked again — personal info of 756 million users leaked

Carnival Cruises – June 2021

Cruise operator Carnival discloses personal data breach

Uniting Communities – June 2021

Uniting Communities investigating possible data breach amid ‘cyber incident’

Ray White – June 2021

Former Ray White real estate agent Ant Manton investigated for alleged data theft

NSW Health – June 2021

Air India – May 2021

TPG – May 2021

TPG confirms data on dark web belongs to its customer

NAB 2019 – April 2021

NAB fired IT worker over data breach | Uploaded data of 13,000 customers to third-party servers
NAB repays customers $687k for data breach

UnitingCare Queensland – April 2021

UnitingCare Queensland hit by cyber attack | Ransomware infection reportedly impacts hospitals and aged care facilities

Swinburne University – April 2021

Swinburne University data breach exposes details of 5000 staff, students | Seven years of event registrations found online.
Details of over 5,000 people exposed in Swinburne uni breach

Ubiquiti – April 2021

Shanghai Security Database – April 2021

Australians flagged in Shanghai security files which shed light on China’s surveillance state and monitoring of Uyghurs

Facebook – April 2021

Eastern Health – March 2021

Victorian hospitals hit by cyber attack | Forces postponement of non-urgent elective surgeries

WA Parliamentary Email Network – March 2021

China suspected of cyber attack on Western Australia’s Parliament during state election

Microsoft – March 2021

SITA – March 2021

SITA data breach affects millions of airline passengers | Passenger data from multiple airlines has been acquired by hackers

Minister’s Private Email Accounts – February 2021

‘Security risks’: Ministers’ private email accounts in historical data breach

Transport for NSW – February 2021

Transport for NSW data stolen in Accellion breach | Agency probes customer impact

SingTel – February 2021

Optus parent organization SingTel assesses potential Accellion data breach

Accellion – February 2021

NT Health – February 2021

NT Health Leaks Thousands of Emails in Data Breach

QIMR Berghofer Medical Research Institute – February 2021

Qld research institute suffers data breach

Service NSW – 2020 Update

20,000 people still unaware of Service NSW breach | Affected residents don’t know their data was stolen last year
Service NSW struggling to contact thousands of cyber attack victims

Oxfam – February 2021

Oxfam Australia investigates suspected data breach | Tries to work out what data was accessed

ASIC – January 2021

ASIC joins Reserve Bank NZ as victim of Accellion hack | Used server to transfer files on credit licence applications
ASIC server hit by cyber security breach

Tasmanian Ambulance – January 2021

Data Breaches 2021

By

admin

-

November 22, 2021

0

Ubiquiti Inc.

January 11, 2021: One of the biggest Internet of Things (IoT) technology vendors, Ubiquiti, Inc., alerted its customers of a data breach caused by unauthorized access to their database through a third-party cloud provider. The email communication advised customers to change passwords and enable multi-factor authentication. The data exposed may include an undisclosed number of customer names, email addresses, hashed and salted passwords, addresses and phone numbers.

SOURCE | TechCrunch

Parler

January 11, 2021: News of the conservative social media app, Parler, having its data scraped by a hacker came to light after Amazon Web Services removed the platform from its servers. The 70TB of leaked information includes 99.9% of posts, messages, and video data containing EXIF data — metadata of date, time and location. Parler’s Verified Citizens, or users who had verified their identity by uploading their driver’s license or other government-issued photo ID, were also exposed.

SOURCE | CyberNews

Facebook, Instagram and LinkedIn

January 11, 2021: A Chinese social media management company, Socialarks, suffered a data leak through an unsecured database that exposed account details and Personally Identifiable Information (PII) of at least 214 million social media users from Facebook and Instagram and LinkedIn. The exposed information for each platform varies but includes users’ names, phone numbers, email addresses, profile links, usernames, profile pictures, profile description, follower and engagement logistics, location, Messenger ID, website link, job profile, LinkedIn profile link, connected social media account login names and company name.

SOURCE | Security Magazine

Mimecast

January 12, 2021: A cybercriminal compromised a certificate used to authenticate Mimecast’s Sync and Recover, Continuity Monitor, and Internal Email Protect (IEP) products to Microsoft 365. Mimecast is a cloud-based email management service that provides email security services for Microsoft 365 accounts. According to the company, approximately 10 percent of its customers used the compromised connection, but have since been asked to reinstall a newly issued certificate.

SOURCE | CRN.com

Pixlr

January 20, 2021: A database containing 1.9 million user records belonging to Pixlr, a free online photo-editing application, was leaked by a hacker. The database was stolen at the same time as the attack on 123RF, which exposed over 83 million user records. The leaked records include email addresses, usernames, hashed passwords, user’s country, whether they signed up for the newsletter and other sensitive information.

SOURCE: BleepingComputer

MeetMindful

January 24, 2021: The dating platform, MeetMindful.com, was hacked by a well-known hacker and had its user’s account details and personal information posted for free in a hacker forum. The leaked details of more than 2.28 million users registered included names, email addresses, location details, dating preferences, marital status, birth dates, IP addresses, Bcrypt-hashed account passwords, Facebook user IDs and Facebook authentication tokens.

SOURCE | ZDNet

Bonobos

January 22, 2021: Customer data was stolen from the men’s clothing retailer, Bonobos, was found for free in a hacker forum after a cybercriminal downloaded the company’s backup cloud data. The exposed database contains order information for over 7 million customers, including addresses, phone numbers and account information for 1.8 million registered customers, and 3.5 million partial credit card records.

SOURCE | BleepingComputer

VIPGames

January 26, 2021: VIPGames.com, a free gaming platform, exposed over 23 million records for more than 66,000 desktop and mobile users due to a cloud misconfiguration. The leaked user records include usernames, emails, IP addresses, hashed passwords, Facebook, Twitter and Google IDs, bets and data on players who were banned from the platform.

SOURCE | Threatpost

U.S. Cellular

January 28, 2021: Through a targeted attack on retail employees of U.S. Cellular, the fourth-largest wireless carrier in the U.S., hackers were able to scam employees into downloading malicious software onto company computers. Once downloaded, the software granted remote access to the company devices and to the customer relationship management (CRM) software containing account records for 4.9 million customers. The company states that 276 customers were impacted and notified of the security incident. While viewing a customers’ account in the CRM, the hacker had access to names, addresses, PINs, cell phone numbers, service plans and billing/usage statements.

SOURCE | BleepingComputer

“Compilation of Many Breaches” (COMB)

February 2, 2021: A database containing more than 3.2 billion unique pairs of cleartext emails and passwords belonging to past leaks from Netflix, LinkedIn, Exploit.in, Bitcoin, Yahoo, and more were discovered online. This is the largest compilation of data from multiple breaches, which is where the name “Compilation of Many Breaches” or COMB comes from. The searchable and well-organized database was leaked to a popular hacking forum, giving hackers access to account credentials, including approximately 200 million Gmail addresses and 450 million Yahoo email addresses.

SOURCE | CyberNews

Nebraska Medicine

February 10, 2021: A malware attack allowed a hacker to access and copy files containing the personal and medical information of 219,000 patients of Nebraska Medicine. The health network notified affected individuals that the accessed information includes names, addresses, dates of birth, medical record numbers, health insurance information, physician notes, laboratory results, imaging, diagnosis information, treatment information, and/or prescription information and a limited number of Social Security numbers and driver’s license numbers.

SOURCE | HIPAA Journal

California DMV

February 18, 2021: The California Department of Motor Vehicles (DMV) alerted drivers they suffered a data breach after billing contractor, Automatic Funds Transfer Services, was hit by a ransomware attack. The attack exposed drivers’ personal information from the last 20 months of California vehicle registration records, including names, addresses, license plate numbers and vehicle identification numbers (VINs).

SOURCE | TechCrunch

Kroger

February 20, 2021: A third-party data breach at cloud solutions company, Accellion, allowed hackers to steal human resources data and pharmacy records belonging to the supermarket giant, Kroger. The records disclosed could include names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers as well as information on health insurance, prescriptions and medical history.

SOURCE | BleepingComputer

T-Mobile

February 26, 2021: An undisclosed number of T-Mobile customers were affected by SIM swap attacks, or SIM hijacking, where scammers take control of and switch phone numbers over to a SIM card they own using social engineering. With access to customer phone numbers, scammers receive messages and calls which allows them to log into the victims’ bank accounts to steal money, change account passwords, and even locking the victims out of their own accounts that use two-factor authentication. The attack also exposed customer information including names, addresses, email addresses, account numbers, social security numbers (SSNs), account personal identification numbers (PIN), account security questions and answers, date of birth, plan information and the number of lines subscribed to their accounts.

SOURCE | BleepingComputer

Microsoft Exchange

March 3, 2021: Cybercriminals have targeted four security flaws in Microsoft Exchange Server email software. The attackers used the bugs on the Exchange servers to access email accounts of at least 30,000 organizations across the United States, including small businesses, towns, cities and local governments. The cyberattack gives the hackers total remote control over affected systems, allowing for potential data theft and further compromise.

SOURCE | ZDNet

SITA

March 4, 2021: The global IT company, SITA, which supports 90% of the world’s airlines confirmed it fell victim to a cyberattack, exposing the personally identifiable information (PII) belonging to an undisclosed number of airline passengers. The stolen information includes names, traveler’s service card numbers and status level.

SOURCE | TechRadar

MultiCare

March 9, 2021: A third-party ransomware attack exposed the personal information of over 200,000 patients, providers and staff of MultiCare Health System, a non-profit health care organization. The attack allowed access to personal information including names, insurance policy numbers, Social Security numbers, dates of birth and bank account numbers.

SOURCE | KOMONews

California State Controller’s Office (SCO)

March 23, 2021: A phishing attack targeting the California State Controller’s Office (SCO) Unclaimed Property Division led to an employee clicking on a malicious link, logging into a fake website and granting a hacker access to their email account. The criminal had access to the account for 24 hours, allowing permission to view Personally Identifying Information (PII) contained in Unclaimed Property Holder Reports and to send more phishing emails to the hacked SCO employee’s contacts. The number of employees affected and the types of personal information impacted have not been disclosed.

SOURCE | Krebs on Security

Hobby Lobby

March 23, 2021: A database containing records of over 300,000 customers of the arts and crafts chain store, Hobby Lobby, was exposed after the company suffered a cloud-bucket misconfiguration. The disclosed information included customer names, phone numbers, physical and email addresses, and the last four digits of their payment card, as well as the source code for the company’s app.

SOURCE | Threatpost

Cancer Treatment Centers of America

March 26, 2021: The Cancer Treatment Centers of America sent out notifications to 104,808 patients, alerting them a compromised email account led to medical information being accessed by an unknown third-party. The compromised account contained patient names, health insurance information, medical record numbers, CTCA account numbers and limited medical information.

SOURCE | HIPAA Journal

Facebook

April 3, 2021: The personal data of 533 million Facebook users from 106 countries has been posted online for free in a low-level hacking forum. The data was scraped in a vulnerability that the company patched in 2019, and includes users’ phone numbers, full names, location, email address and biographical information.

SOURCE | Washington Post

LinkedIn

April 6, 2021: Over 500 million LinkedIn user profiles were discovered on the Dark Web. The hackers shared two million of these LinkedIn records for only $2 total to prove the legitimacy of the information in the stolen data. The LinkedIn account users’ data was scrapped or imported from the website into a database, and includes names, LinkedIn account IDs, email addresses, phone numbers, gender, LinkedIn profile links, connected social media profile links, professional titles and other work-related personal data.

SOURCE | Cybernews

ClubHouse

April 10, 2021: A database containing 1.3 million scraped Clubhouse user records were leaked for free on a popular hacker forum. The leaked database from the audio chat social network includes user ID, name, photo URL, username, Twitter handle, Instagram handle, number of followers, number of people followed by the user, and account creation date – all of which the company claims is public information.

SOURCE | Cybernews

ParkMobile

April 12, 2021: A third-party software vulnerability is responsible for exposing 21 million customer records belonging to ParkMobile, a contactless payment parking app. The stolen data includes email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.

SOURCE | Krebs on Security

GEICO

April 19, 2021: The auto insurance company Government Employees Insurance Company, known as GEICO, filed a data breach notice announcing information gathered from other sources was used to “obtain unauthorized access to your driver’s license number through the online sales system on our website.” The total normal of insured drivers affected has not been disclosed but the hackers had access between January 21 and March 1.

SOURCE | TechCrunch

Reverb

April 24, 2021: A database containing the personal details of over 5.6 million users of the popular music instruments online marketplace Reverb was discovered after it was leaked into the Dark Web. The database contained full names, email addresses, postal addresses, phone numbers, listing/order count, PayPal account email, IP address and more.

SOURCE | BleepingComputer

CaptureRX

May 7, 2021: CaptureRx, a healthcare system IT company, exposed almost 2 million patient records belonging to over 100 hospitals and healthcare organizations after it was targeted by a ransomware attack. The sensitive medical information involved in the cyberattack includes names, birthdates and prescription details.

SOURCE | HIPAA Journal

Bailey & Galyen

May 14, 2021: A cyberattack targeting the law offices of Bailey & Galyen exposed the personal information of an undisclosed number of clients and employees. The PII included clients’ names, dates of birth, driver’s license or personal identification card numbers, Social Security Numbers, payment account numbers, payment card information, biometric data including but not limited to medical information and history, medical diagnosis and treatment information, health insurance information and other personal information.

SOURCE | CA Office of Attorney General

Health Plan of San Joaquin

May 17, 2021: Unauthorized access to the business email accounts at Health Plan of San Joaquin allowed the perpetrator to gain access to patients’ sensitive personal and medical information contained in messages and attachments that passed through the affected email accounts. Exposed data types include Social Security numbers, driver’s license numbers, login information, medical records such as lab results and treatment information, and more.

SOURCE | Health Plan of San Joaquin

Bose

May 25, 2021: Audio maker, Bose Corporation, disclosed a data breach following a ransomware attack. During the investigation of the ransomware’s attack impact on its network, they discovered some of its current and former employees’ personal information was accessed by the attackers. The personal information exposed in the attack includes names, Social Security Numbers, compensation information and other HR-related information.

SOURCE | BleepingComputer

Carter’s

June 11, 2021: The personal and shipping information of over 410,000 customers of the baby clothing retailer, Carter’s, were exposed due to a third-party data breach with the company’s online purchases software. The information disclosed in the data leak includes names, email addresses, billing addresses, phone numbers, purchasing details, and shipping tracking IDs and links.

SOURCE | Threatpost

Volkswagen & Audi

June 15, 2021: A third-party marketing services supplier disclosed the personal information of 3.3 million customers of Volkswagen and its Audi subsidiary. The exposed data includes their name, mailing address, email address and phone numbers. The data may also include information about a vehicle that has been purchased, leased or inquired about, including vehicle identification numbers, makes, models, years, colors and trim packages.

SOURCE | Bank Info Security

CVS Health

June 21, 2021: A third-party vendor accidentally posted an unsecured database containing more than a billion search records of CVS Health customers. The 204 GB leaked database was not password protected and included visitor and session IDs, device information, configuration data, as well as multiple records for medications, including COVID-19 vaccines and CVS products.

SOURCE | Health IT Security

Wegmans

June 21, 2021: The U.S. supermarket chain, Wegmans Food Markets, notified an undisclosed number of customers that their data was exposed after two of its cloud-based databases were misconfigured and made publicly accessible online. The personal information in the databases included customer names, addresses, phone numbers, birth dates, Shoppers Club numbers, email addresses and hashed passwords to Wegmans.com accounts.

SOURCE | Threatpost

Forefront Dermatology

July 9, 2021: U.S. healthcare provider, Forefront Dermatology, announced unauthorized access to its IT systems exposed the personal data and medical records of up to 2.4 million patients. The data exposed included patient names, addresses, dates of birth, patient account numbers, health insurance plan member ID numbers, healthcare provider names and/or medical and clinical treatment information among other sensitive data.

SOURCE | Health IT Security

Guess

July 12, 2021: The fashion retailer, Guess, notified an undisclosed number of customers of a data breach following a ransomware attack that resulted in a data breach. Sensitive information including Social Security numbers, driver’s license numbers, passport numbers and/or financial account numbers may have been accessed or acquired.

SOURCE | BleepingComputer

OneMoreLead

August 4, 2021: A marketing company, OneMoreLead, has exposed the personal records of 126 million individuals through an unsecured database posted online. The database contained names, job titles, email addresses, work email addresses, home device IP address, home address, work address, personal phone number, work phone number and employer.

SOURCE | vpnMentor

SeniorAdvisor

August 13, 2021: Cybersecurity researchers found an unsecured database containing over 3 million personal records of members belonging to a senior living review site, SeniorAdvisor. The database was not password protected and allowed access to information including names, emails, phone numbers and dates contacted.

SOURCE | Infosecurity Group

UNM Health

August 17, 2021: An unauthorized third party gained access to the personal and medical data of over 637,000 patients of UNM Health. The information gathered by the third party includes patient names, addresses, dates of birth, medical record numbers, patient identification numbers, health insurance information and some clinical information related to the healthcare services provided by UNM Health.

SOURCE | HIPAA Journal

Microsoft Power Apps

August 24, 2021: A misconfiguration within Microsoft Power Apps, a Microsoft product, exposed at least 38 million records. The data leaks impacted American Airlines, Microsoft, J.B. Hunt and governments of Indiana, Maryland and New York City. The disclosed data includes COVID-19 vaccination statuses, social security numbers and email addresses.

SOURCE | Infosecurity Group

GetHealth, FitBit and Apple

September 14, 2021: An unsecured database belonging to GetHealth, a health and wellness data app, exposed over 61 million records of Apple and Fitbit users’ data related to fitness trackers and wearables. The database included names, display names, dates of birth, weight, height, genders and geolocations, the majority of which were from Fitbit devices and Apple Healthkit.

SOURCE | WebsitePlanet

Neiman Marcus

September 30, 2021: An unauthorized third-party actor accessed and obtained personal information associated with 4.6 million Neiman Marcus customers’ online accounts. The chain department store alerted customers that the information affected includes names and contact information; payment card numbers and expiration dates (without CVV numbers); Neiman Marcus virtual gift card numbers (without PINs); and usernames, passwords and security questions and answers associated with Neiman Marcus online accounts.

SOURCE | Cision

Whole Foods Market, Skaggs and Others

October 13, 2021: Cybersecurity researchers discovered an unsecured database that contained over 82 million records belonging to the supermarket Whole Foods Market and Skaggs public safety and uniform company that sells uniforms for Police, Fire and Medical customers all over the United States, and others. The exposed records included customer order records, names, physical addresses, email and partial credit card numbers, and more.

SOURCE | CoolTechZone

California Pizza Kitchen

November 22, 2021: The restaurant chain, California Pizza Kitchen (CPK), revealed a data breach that exposed the personal details of over 100,000 current and former employees. The company determined cybercriminals infiltrated its systems and gained access to certain files, including employee names and Social Security numbers.

SOURCE | TechCrunch

45M Argentina ID Theft – RENAPER

By

admin

-

October 18, 2021

0

A hacker (or hackers) has stolen the identity records for 45 million Argentinians. This hack took place (last month) in Sept 2021 by targeting the “Registro Nacional de las Personas” (RENAPER). RENAPER issues all national ID cards to the citizens of Argentina.

Where is Argentina? It’s on the southern end of South America, and very close to Antartica.

So we know this leak is real as the alleged perpetrator is publishing samples of the data on Twitter using a newly registered account @AnibalLeaks (Suspended). Anibal has started leaking details of Argentinian celebrities, the country’s president and multiple journalists, political figures, soccer stars and more.

So what is the data format?

idtramiteprincipal (Processing #)
idtranmitearjetareimpresa (Processing # on card)
ejemplar (Copy)
vencimiento (Expiration date)
emision (Data of issue)
appellido (Surnames)
nombres (Names)
fechaNacimiento (Birthdate)
cuil (Unique labor identification code)

This is how an Argentinian ID/s looks like:

https://olc.worldbank.org/system/files/Argentina-ID-Case-Study-The-Evolution-of-Identification.pdf

Estimated quantum of data leaked should be 45M records x 15 fields x 1Kb/field = ~675GB.

Insider Job?

Government authorities are investigating eight government employees about having a possible role in the leak. A VPN (Virtual Private Network) account assigned to the Ministry of Health was used to query the RENAPER database and could be a possible attack vector.

Where to now?

The hacker continues to blackmail RENAPER with a threat to trickle-publish the data including the “Trámite” numbers, and Photo IDs. This could seed the beginnings of a Facebook alternative for Argentina. Say renaperbook.com?

Private Databanks

By

admin

-

October 13, 2021

0

Move aside WikiLeaks, many governments, and private wealth entities have their own view of global data. This is commonly known as “Databanks”. So Forbes, Bloomberg, Times, The Economist, DOW Jones, The Straits Times have databanks. Governments have archives, and intel repositories.

So everyone has a version of the truth – Glitchdata included.

A data bank or databank is a repository of information on one or more subjects – a database – that is organised in a way that facilitates local or remote information retrieval and is able to process many continual queries over a long period of time.

The data in a data bank can be anything from scientific information like global temperature readings, and governmental information like census statistics, to financial-system records like credit card transactions, or the inventory available from various suppliers.

Cyber Situational Awareness

By

admin

-

October 12, 2021

0

The US Army considers Cyberspace as a key battleground, starting with battlefield electromagnetic signatures, and extending to social media footprints.

To command this space, the US Army has several programs of work over the next 3 years to monitor and provide intelligence for Army commanders.

You would also think that a Cyberspace battleground should then warrant a Cyberspace response. Currently, it’s focused on the physical battlefield response.

We has the Pandora Papers

By

admin

-

October 7, 2021

0

So you’ve heard of the Offshore leaks, Paradise Papers, Panama Papers. Pandora Papers is the latest leaks

So who have been identified in this latest set of leaks? They include:

The owners of more than 1,500 UK properties bought using offshore firm. This include former Prime minister Tony Blair.
The Qatari ruling family
Sir Philip and Lady Green went on a property spree after off-loading the BHS retail chain.
A prominent Tory donor who was involved in one of Europe’s biggest corruption scandals
the King of Jordan’s £70m spending spree on properties in the UK and US through secretly-owned companies
Azerbaijan’s leading family’s hidden involvement in property deals in the UK worth more than £400m
the Czech prime minister’s failure to declare an offshore investment company used to purchase two French villas for £12m
how the family of Kenyan president Uhuru Kenyatta’s secretly owned a network of offshore companies for decades

KPMG acquires Certus

By

admin

-

August 23, 2021

0

KPMG Australia has signed an agreement to acquire Certus APAC. The move, which will provide additional Oracle specialist skills to KPMG’s digital transformation and cloud services capabilities, comes at a critical time for clients challenged with navigating their organisations through COVID.

Announcing the deal today, KPMG Australia CEO Andrew Yates commented: “The pandemic has forced organisations to re-evaluate how they interact with their customers, staff and suppliers, and determine if their current systems are fit-for-purpose. Remote work and reduced face-to-face contact have changed mobility and virtual accessibility needs, and driven the requirement for more robust human capital management systems to engage with staff. Supply chains have become increasingly complex, requiring more sophisticated and flexible systems. Our clients are looking to us to help solve these problems, and Oracle cloud capabilities will add a further dimension to our technology enablement offering.”

Founded in 2014, Certus APAC is an Oracle implementation partner that specialises in the delivery, training and support of cloud services to clients in industries such as financial services, utilities, retail and the public sector. Certus APAC is a recognised Oracle Platinum Specialised Partner and a training provider to Oracle University.

Founder and Managing Partner Ian Wood will join KPMG as a partner, bringing with him his co-founders Richard Atkins, Rebecca Hodgson, Sumit Malhotra and Lee Martin and 36 team members located in Sydney, Melbourne and India. The Certus APAC team will be integrated into KPMG’s technology enablement teams, adding specialist Oracle cloud capabilities across a wide range of applications including ERP (Enterprise Resource Planning) and HCM (Human Capital Management).

Ian Wood, Managing Partner of Certus APAC said: “Our rapid growth over the past four years has been fuelled by increasing demand for Oracle cloud transformation. This has accelerated significantly during the pandemic, and we have reached a stage where the resources and support of a large firm was the logical next step. Joining with KPMG will allow us to continue this growth trajectory and focus on what we do best. The alignment of opportunity and most importantly, culture, makes this the perfect fit for both sides. Innovation and agility are at the heart of what we do, and KPMG are as passionate as we are about creating measurable value for our clients.”

Certus APAC will become part of KPMG Australia in late 2021, subject to the successful completion of the acquisition. Commercial terms were not disclosed.

Andrew Yates added: “Ian and his team have an outstanding track record. We are delighted to welcome such a talented bunch of people, and I am excited to see what they can achieve as part of KPMG.”

Today’s announcement builds upon KPMG Australia’s strategic plan to expand into technology enablement. In 2015, the firm acquired Microsoft partner Hands-On Systems, followed by Murex software specialist IT Markets in 2016. In 2020, Alex Moreno joined the firm as the first national head of Salesforce capability.

Accenture acquires Industrie&Co

By

admin

-

May 27, 2021

0

Founded in 2007, Industrie&Co has grown to a headcount of more than 170 staff spread across offices in Melbourne, Hong Kong, Singapore and its headquarters in Sydney, with 150 expected to cross to Accenture in Australia. Among them are current chief executive and co-founder Con Zeritis and Hong-Kong based managing director and one-time EY consultant Antony Morris, who both cross to Accenture as managing directors.

“We are delighted to have the opportunity to become part of Accenture, we share entrepreneurial values and ambition to drive innovation, growth and business outcomes,” said Zeritis. “Accenture’s vast client network, global scale and investment in their cloud-first strategy makes for an ideal home to enable us to accelerate our growth objectives for both our clients and team.”

Industrie&Co has completed over 200 client engagements with organisations like Macquarie Bank, NAB, ING, AMP, HSBC, the ASX and human capital consultancy Mercer. Services are grouped around strategy & design, agile delivery, software engineering, and cloud & devops.

“The Industrie&Co team brings to Accenture a strong industry footprint and culture of innovation, that will enable us to drive growth for our clients,” said Accenture’s Australia and New Zealand CEO Tara Brady, who took over just ahead of the recent cloud-acquisitions last year. “In the context of a constrained talent market, Industrie&Co’s skills will ensure we are well positioned to continue to accelerate our client’s growth and innovation capabilities.”

Tor Browser

By

admin

-

January 1, 2021

1

You might have heard of the Dark Web. Here is how you can get access:

Download Tor Browser
- https://www.torproject.org/download/
Connect to an “Onion” link
View Tor Network Status
- http://jlve2y45zacpbz6s.onion

If you want to know how the Tor network works, see:

https://wiki.glitchdata.com/index.php/Tor

glitchdata

thekidsstore

glitchdata

Lastpass – December 2021

Ubisoft – December 2021

Huawei – December 2021

Victoria Police – December 2021

Finite Recruitment – December 2021

SA Government – December 2021

Gravatar – December 2021

Panasonic – November 2021

ACT Government – November 2021

Tabcorp – November 2021

Australia’s Copyright Agency – November 2021

GoDaddy – November 2021

South Australian Ambulance Service – November 2021

Sunwater – November 2021

mySA Gov – November 2021

Twitch – October 2021

AI Dungeon – September 2021

Accenture – August 2021

FIFA21 – August 2021

Optus – 2019 Update

SafeWA – August 2021

Melbourne City Mission and the Department of Health and Human Services – 2017 Update

Uber – 2016 Update

NSW Department of Education – July 2021

Tasmanian State Growth – July 2021

LimeVPN – July 2021

Morningstar – June 2021

LinkedIn – June 2021

Carnival Cruises – June 2021

Uniting Communities – June 2021

Ray White – June 2021

NSW Health – June 2021

Air India – May 2021

TPG – May 2021

NAB 2019 – April 2021

UnitingCare Queensland – April 2021

Swinburne University – April 2021

Ubiquiti – April 2021

Shanghai Security Database – April 2021

Facebook – April 2021

Eastern Health – March 2021

WA Parliamentary Email Network – March 2021

Microsoft – March 2021

SITA – March 2021

Minister’s Private Email Accounts – February 2021

Transport for NSW – February 2021

SingTel – February 2021

Accellion – February 2021

NT Health – February 2021

QIMR Berghofer Medical Research Institute – February 2021

Service NSW – 2020 Update

Oxfam – February 2021

ASIC – January 2021

Tasmanian Ambulance – January 2021

Shop

Information

Contact

Inspiration in your inbox