Largest non-bank lender in Australia warns of a data breach

Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm.
Firstmac is a significant player in Australia's financial services industry, focusing primarily on mortgage lending, investment management, and securitization services.
Headquartered in Brisbane, Queensland, and employing 460 people, the firm has issued 100,000 home loans and currently manages $15 billion in mortgages.
Yesterday, Have I Been Pwned creator Troy Hunt published on X a sample of the notification letter sent to Firstmac customers, informing them of a severe data breach.
Despite that, Firstmac assured recipients that their accounts and funds are secure, and the firm's systems have now been appropriately bolstered.
Among the measures that were introduced to strengthen security is a new requirement for all account changes to confirm the user's identity using two-factor authentication or biometrics.
Recipients of the notices are provided with free identity theft protection services through IDCare and are advised to remain cautious with unsolicited communications and regularly check their account statements for unusual activity.
Australian news outlets reported about the attack on Firstmac in late April after the Embargo extortion group announced it on its data leak site.
On Thursday, Embargo leaked all data they claimed to have stolen from Firstmac's systems, including documents, source code, email addresses, phone numbers, and database backups.
The new threat group currently only lists two victims on its extortion page, and it is unknown if they have committed the breaches themselves or bought the stolen data from others to blackmail the owners.
Samples of Embargo encryptors have yet to be found, so it's unknown if they are a ransomware group or simply focus on extortion.
Europol confirms web portal breach, says no operational data stolen.
The Post Millennial hack leaked data impacting 26 million people.
Chipmaker Nexperia confirms breach after ransomware gang leaks data.
Hacker claims Giant Tiger data breach, leaks 2.8M records online.
AT&T now says data breach impacted 51 million customers.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 13 May 2024 00:44:05 +0000


Cyber News related to Largest non-bank lender in Australia warns of a data breach

Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com
Encore Bank Notifies Customers of Data Breach After Hackers Access an Employee Email Account - On January 31, 2024, Encore Bank filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party was able to gain access to an employee's email account. In this notice, Encore Bank explains that ...
10 months ago Jdsupra.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
10 months ago Garwarner.blogspot.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
10 months ago Securityzap.com
Bank of America's Security Response: Mitigating Risks After Vendor Data Breach - In a concerning development, Bank of America has informed its customers about a possible data breach stemming from a security incident involving one of its vendors. This incident raises questions about the security of sensitive customer information, ...
10 months ago Cysecurity.news
Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy - Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI ...
10 months ago Cysecurity.news
Largest non-bank lender in Australia warns of a data breach - Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm. Firstmac is a significant player in Australia's financial services ...
7 months ago Bleepingcomputer.com
Ukraine security services involved in hack of Russia's largest private bank - Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, ...
1 year ago Therecord.media
Banco Santander warns of a data breach exposing customer info - Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. With a strong presence in Spain, the United Kingdom, Brazil, Mexico, and ...
7 months ago Bleepingcomputer.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
EasyPark discloses data breach that may impact millions of users - Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. EasyPark is a Swedish company that creates mobile and web apps ...
11 months ago Bleepingcomputer.com
US mortgage lender loanDepot confirms ransomware attack - Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. LoanDepot is a major nonbank mortgage lender in the United States, with over $140 billion in ...
11 months ago Bleepingcomputer.com
Fintech company Affirm says Evolve Bank attack exposed customer info - Financial technology company Affirm told regulators this week that a cyberattack on a banking partner exposed customer information. Affirm - which runs one of the biggest buy now, pay later platforms - told the Securities and Exchange Commission on ...
5 months ago Therecord.media
CyberCrime & Doing Time: Classic Baggie: Part Three - He claimed he was selected as an independent contractor to rebuild a fleet of airplanes for KLM Royal Dutch Airlines, who had wired him $3.5 Million Euros into his Swiss bank account at Neue Privat Bank. His attorney, Phillip Richardson, said that he ...
11 months ago Garwarner.blogspot.com
DP World confirms data stolen in cyberattack, no ransomware used - International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. The company says no ransomware payloads or encryption was used in the attack. On November ...
1 year ago Bleepingcomputer.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
5 months ago Securityaffairs.com
The Post Millennial hack leaked data impacting 26 million people - Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. The Post Millennial is a conservative Canadian online news magazine belonging to the Human ...
7 months ago Bleepingcomputer.com
Eagers Automotive halts trading in response to cyberattack - Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it evaluates the impact of the incident. Eagers Automotive is the largest operator of car dealerships in Australia and New Zealand, with ...
11 months ago Bleepingcomputer.com
Yakult Australia confirms 'cyber incident' after 95 GB data leak - Both the company's Australian and New Zealand IT systems have been affected. Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data that it states, belongs to the company. Invented in 1935 in Japan and ...
11 months ago Bleepingcomputer.com
Bank of America warns customers of data breach after vendor hack - Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. Customer personally identifiable information exposed in the security breach includes the affected ...
10 months ago Bleepingcomputer.com
DNA testing: What happens if your genetic data is hacked? - The personal information of millions of people who sent swabs of their DNA to consumer testing services have been leaked in high profile hacks in recent years, leading to questions about how secure that genetic data is. In autumn 2023, a hacker ...
10 months ago Packetstormsecurity.com
China's biggest lender ICBC hit by ransomware attack - Industrial and Commercial Bank of China Ltd Nov 10 - The Industrial and Commercial Bank of China's U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ...
1 year ago Reuters.com
Australian charged for 'Evil Twin' WiFi attack on plane - An Australian man was charged by Australia's Federal Police for allegedly conducting an 'evil twin' WiFi attack on various domestic flights and airports in Perth, Melbourne, and Adelaide to steal other people's email or social media credentials. The ...
5 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)