Ferve, Melbourne International Film Festival and Australian Centre for the Moving Image: Exclusive: Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised

Hacker "2019" Leaks Data of 25,000 ACMI Customers in Third-Party Breach

A hacker known as 2019 has published the personal data of over 25,000 customers of the Australian Centre for the Moving Image (ACMI) on a hacking forum. The leaked datasets allegedly include full names, email addresses, gender, dates of birth, sign-in credentials, invoicing details, and IP addresses.

The breach appears linked to Ferve, a Melbourne-based ticketing provider used by ACMI and previously compromised in a similar attack on the Melbourne International Film Festival (MIFF), also claimed by 2019. Ferve has confirmed an ongoing investigation, collaborating with affected clients, cybersecurity experts, and authorities to assess the incident’s scope. The company stated it is evaluating additional security measures to strengthen its systems.

ACMI, a prominent Melbourne-based museum and cultural hub focused on film, TV, and digital media, has not yet responded to requests for comment. Ferve serves major clients across Australia, North America, the EU, and Asia-Pacific, including the Sydney Film Festival and Sydney Fringe Festival.

The threat actor 2019 has been active since February 2026, with at least 23 tracked breaches targeting organizations in Australia, New Zealand, Spain, the UAE, and the U.S. Some data is offered for direct download, while other leaks are sold. The breach underscores the risks of third-party vendor vulnerabilities in high-profile cultural and event sectors.

Source: https://www.cyberdaily.au/security/13692-exclusive-hacker-claims-breach-of-the-australian-centre-for-the-moving-image-pii-allegedly-compromised

Ferve TPRM report: https://www.rankiteo.com/company/ferve

Melbourne International Film Festival TPRM report: https://www.rankiteo.com/company/arts-centre-melbourne

Australian Centre for the Moving Image TPRM report: https://www.rankiteo.com/company/australian-centre-for-the-moving-image

"id": "ferausart1780475639",
"linkid": "ferve, australian-centre-for-the-moving-image, arts-centre-melbourne",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '25,000',
                        'industry': 'Arts and Entertainment',
                        'location': 'Melbourne, Australia',
                        'name': 'Australian Centre for the Moving Image (ACMI)',
                        'type': 'Cultural institution'},
                       {'industry': 'Technology/Event Management',
                        'location': 'Melbourne, Australia',
                        'name': 'Ferve',
                        'type': 'Ticketing provider'},
                       {'industry': 'Arts and Entertainment',
                        'location': 'Melbourne, Australia',
                        'name': 'Melbourne International Film Festival (MIFF)',
                        'type': 'Film festival'}],
 'attack_vector': 'Third-party vendor compromise',
 'data_breach': {'data_exfiltration': 'Published on a hacking forum',
                 'number_of_records_exposed': '25,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Full names',
                                              'Email addresses',
                                              'Gender',
                                              'Dates of birth',
                                              'Sign-in credentials',
                                              'Invoicing details',
                                              'IP addresses']},
 'description': 'A hacker known as *2019* has published the personal data of '
                'over 25,000 customers of the Australian Centre for the Moving '
                'Image (ACMI) on a hacking forum. The leaked datasets '
                'allegedly include full names, email addresses, gender, dates '
                'of birth, sign-in credentials, invoicing details, and IP '
                'addresses. The breach appears linked to *Ferve*, a '
                'Melbourne-based ticketing provider used by ACMI and '
                'previously compromised in a similar attack on the Melbourne '
                'International Film Festival (MIFF), also claimed by *2019*.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage to ACMI '
                                       'and Ferve',
            'data_compromised': 'Personal data of over 25,000 customers',
            'identity_theft_risk': 'High',
            'systems_affected': 'Ferve ticketing system'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Some data offered for '
                                                    'direct download, other '
                                                    'leaks sold'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'root_causes': 'Third-party vendor vulnerability'},
 'references': [{'source': 'Cyber incident report'}],
 'response': {'remediation_measures': 'Evaluating additional security measures',
              'third_party_assistance': 'Cybersecurity experts'},
 'threat_actor': '2019',
 'title': "Hacker '2019' Leaks Data of 25,000 ACMI Customers in Third-Party "
          'Breach',
 'type': 'Data Breach'}