Aussies are spending way more on booze than they were last year
national
Australia
money
Cost of Living
finance
alcohol CONTACT US
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Sydney Morning Herald
an hour ago
- Sydney Morning Herald
High-end heist: Australians caught up in Louis Vuitton data breach
'The Louis Vuitton breach is just the latest in a string of cyber incidents for the sector, with big names like Tiffany, Dior, Adidas, Victoria's Secret and Cartier disclosing incidents since just April. Ransomware group ShinyHunters is likely behind some, but not all of these.' Loading ShinyHunters, which was formed in 2020 and named after a Pokemon, has claimed credit for some of the most significant data breaches globally, affecting millions of people including Australians. It hasn't yet claimed responsibility for the Louis Vuitton breach. 'ShinyHunters' MO is stealing large datasets. Often, they sell these datasets to other criminals; sometimes, they leak them as a publicity stunt,' Mansted said. She said CyberCX was seeing far fewer businesses in Australia, and globally, pay ransoms to cybercriminals. The criminals aren't stopping, however, but are instead operating in sectors and places more willing to pay ransoms or changing their service offerings. Some are reverting to stealing and selling data to make money. 'The retail sector is in a sweet spot for cybercriminals,' she said. 'The sector hasn't faced the same regulatory pressure to uplift cyber maturity as banks, telcos and other critical providers. But at the same time, it holds huge consumer datasets. These datasets are highly valuable – whether transacted by powerful data brokers, or unlawfully on the dark web by criminals. 'The high-end retail heist also highlights a growing problem confronting all businesses: third-party cyber risk. We're still understanding these incidents, but it's very possible that the source of at least some of these breaches is a third-party vendor commonly used across the sector.' Australian companies now face fines of up to $50 million for serious breaches of the Privacy Act, after high-profile data breaches affected Optus and Medibank customers. The Office of the Australian Information Commissioner was contacted for comment. The latest breach comes after 5.7 million Qantas customers had their information accessed by hackers this month, including information on frequent flyer accounts, addresses and food preferences. The airline said last week it had found no evidence yet of stolen data being released, but it was 'actively monitoring'. Cybersecurity researcher Jamieson O'Reilly said while no passwords or financial data had been taken, the scope of stolen Louis Vuitton data still presented significant opportunities for exploitation. 'That is especially true when the breached entity is a high-profile luxury brand with a highly engaged and brand-loyal customer base,' he said. Jamieson, who runs cybersecurity consultancy DVULN, said he had already noticed online chatter and victim reports indicating that Louis Vuitton customers had received phishing emails impersonating the company. 'Notably, this email referenced a known artist, Clara Bacou, who previously published conceptual NFT artwork for Louis Vuitton back in 2021,' he said. Loading 'Anyone who searched the artist's name would find legitimate links tying her to Louis Vuitton, giving the email a false sense of authenticity. Combined with accurate customer data from the breach, the setup is precise enough to fool even security-aware recipients.' He said it was highly likely that threat actors are already using the stolen data for nefarious purposes. 'While breaches are frequent, that does not make them acceptable,' he said.
The Age
an hour ago
- The Age
High-end heist: Australians caught up in Louis Vuitton data breach
'The Louis Vuitton breach is just the latest in a string of cyber incidents for the sector, with big names like Tiffany, Dior, Adidas, Victoria's Secret and Cartier disclosing incidents since just April. Ransomware group ShinyHunters is likely behind some, but not all of these.' Loading ShinyHunters, which was formed in 2020 and named after a Pokemon, has claimed credit for some of the most significant data breaches globally, affecting millions of people including Australians. It hasn't yet claimed responsibility for the Louis Vuitton breach. 'ShinyHunters' MO is stealing large datasets. Often, they sell these datasets to other criminals; sometimes, they leak them as a publicity stunt,' Mansted said. She said CyberCX was seeing far fewer businesses in Australia, and globally, pay ransoms to cybercriminals. The criminals aren't stopping, however, but are instead operating in sectors and places more willing to pay ransoms or changing their service offerings. Some are reverting to stealing and selling data to make money. 'The retail sector is in a sweet spot for cybercriminals,' she said. 'The sector hasn't faced the same regulatory pressure to uplift cyber maturity as banks, telcos and other critical providers. But at the same time, it holds huge consumer datasets. These datasets are highly valuable – whether transacted by powerful data brokers, or unlawfully on the dark web by criminals. 'The high-end retail heist also highlights a growing problem confronting all businesses: third-party cyber risk. We're still understanding these incidents, but it's very possible that the source of at least some of these breaches is a third-party vendor commonly used across the sector.' Australian companies now face fines of up to $50 million for serious breaches of the Privacy Act, after high-profile data breaches affected Optus and Medibank customers. The Office of the Australian Information Commissioner was contacted for comment. The latest breach comes after 5.7 million Qantas customers had their information accessed by hackers this month, including information on frequent flyer accounts, addresses and food preferences. The airline said last week it had found no evidence yet of stolen data being released, but it was 'actively monitoring'. Cybersecurity researcher Jamieson O'Reilly said while no passwords or financial data had been taken, the scope of stolen Louis Vuitton data still presented significant opportunities for exploitation. 'That is especially true when the breached entity is a high-profile luxury brand with a highly engaged and brand-loyal customer base,' he said. Jamieson, who runs cybersecurity consultancy DVULN, said he had already noticed online chatter and victim reports indicating that Louis Vuitton customers had received phishing emails impersonating the company. 'Notably, this email referenced a known artist, Clara Bacou, who previously published conceptual NFT artwork for Louis Vuitton back in 2021,' he said. Loading 'Anyone who searched the artist's name would find legitimate links tying her to Louis Vuitton, giving the email a false sense of authenticity. Combined with accurate customer data from the breach, the setup is precise enough to fool even security-aware recipients.' He said it was highly likely that threat actors are already using the stolen data for nefarious purposes. 'While breaches are frequent, that does not make them acceptable,' he said.
9 News
2 hours ago
- 9 News
'Money mules' loaning bank accounts to help crooks launder millions
Your web browser is no longer supported. To improve your experience update it here "Money mules" renting out their bank accounts are helping criminals launder millions of dollars in Australia. The Australian Federal Police and the Australian Banking Association are urging Australians to not share their banking details or loan their account out, as they step up efforts to curb this criminal activity. Money mules are people who – knowingly or unknowingly – are recruited by criminal syndicates to transfer illicit money in and out of their personal accounts to make the funds appear legitimate to authorities. People are being warned against renting or loaning out their bank accounts to potential criminals. (Nine) Money mules may also rent or sell their account for a payment. This routing of money through a legitimate Australian bank account obfuscates the flow of the dirty cash, making it difficult to track. The mules are paid anywhere from $200 to $500 for the use of their personal accounts and may receive a commission on funds received into their accounts (typically about 10 per cent). Fund transfers from legitimate bank accounts can obscure the trail of illicit money. (Getty) Criminals target potential money mules through social media, messaging or gaming platforms, chat forums, online advertisements and even in face-to-face meetings. Job and romance scams and even outright threats have been used to gain access to people's bank accounts for fund transfers. Criminal networks are also increasingly instructing money mules to move funds through cryptocurrency exchanges/ATMs (CATM) and global money transfer apps, as these platforms enable faster and more discreet transfers than traditional banking institutions. In these instances, money mules are instructed to withdraw physical cash from their account and deposit it into a CATM, where the money is sent to a digital wallet controlled by the criminal. According to Scamwatch, $141.7 million was lost to scammers via bank transfers last year. Money laundering convictions carry a maximum penalty of life imprisonment in Australia. AFP Detective Superintendent Marie Andersson said money laundering was an integral part of organised crime. "It is illegal to rent, buy or sell bank accounts, and doing so supports the criminal ecosystem," Andersson said. "Your account may be housing money derived from scams, extortion, drug trafficking and terrorism." ABA Chief Executive Anna Bligh said mule accounts were a key part of a scammer's business model and banks were focused on shutting them down. "I urge Australians to steer clear if you've seen an advertisement or are approached to rent or sell your bank account," she said. "There's a good chance you're being recruited to hide the profits of criminal activity." If you are concerned your identity has been compromised, contact the national identity and cyber support service IDCARE. crime Fraud banks Australia national CONTACT US
