EnergyAustralia

EnergyAustralia has been targeted by a cyber-attack, with hundreds of customers’ details exposed.

323 residential and small business customers were affected by unauthorized access to their online platform, My Account.

Details including customer names, addresses, email addresses, electricity and gas bills, phone numbers and the first six and last three digits of their credit cards are all included with those accounts.

The company said there was “no evidence” customer details were transferred outside the company’s platform.

Sensitive documents such as driver licences or passports were not stored on the platform.

Source: https://www.theguardian.com/australia-news/2022/oct/21/energyaustralia-latest-to-be-hit-by-cyber-attack-as-details-of-hundreds-of-customers-exposed

TPRM report: https://scoringcyber.rankiteo.com/company/energyaustralia

"id": "ene184321122",
"linkid": "energyaustralia",
"type": "Cyber Attack",
"date": "10/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 323,
                        'industry': 'Energy',
                        'name': 'EnergyAustralia',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'number_of_records_exposed': 323,
                 'personally_identifiable_information': ['Customer names',
                                                         'Addresses',
                                                         'Email addresses',
                                                         'Phone numbers',
                                                         'The first six and '
                                                         'last three digits of '
                                                         'credit cards'],
                 'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ['Customer names',
                                              'Addresses',
                                              'Email addresses',
                                              'Electricity and gas bills',
                                              'Phone numbers',
                                              'The first six and last three '
                                              'digits of credit cards']},
 'description': 'EnergyAustralia has been targeted by a cyber-attack, with '
                'hundreds of customers’ details exposed. 323 residential and '
                'small business customers were affected by unauthorized access '
                'to their online platform, My Account. Details including '
                'customer names, addresses, email addresses, electricity and '
                'gas bills, phone numbers and the first six and last three '
                'digits of their credit cards are all included with those '
                'accounts. The company said there was “no evidence” customer '
                'details were transferred outside the company’s platform. '
                'Sensitive documents such as driver licences or passports were '
                'not stored on the platform.',
 'impact': {'data_compromised': ['Customer names',
                                 'Addresses',
                                 'Email addresses',
                                 'Electricity and gas bills',
                                 'Phone numbers',
                                 'The first six and last three digits of '
                                 'credit cards'],
            'systems_affected': ['My Account online platform']},
 'references': [{'source': 'News Article'}],
 'title': 'EnergyAustralia Cyber-Attack',
 'type': 'Data Breach'}

EnergyAustralia

Microsoft

Young Consulting

IdeaLab