Melbourne International Film Festival, Australian Centre for the Moving Image and Lifeline Australia: Data breach! Lifeline Australia confirms staff data compromised following hacking claims

Melbourne International Film Festival, Australian Centre for the Moving Image and Lifeline Australia: Data breach! Lifeline Australia confirms staff data compromised following hacking claims

Lifeline Australia Confirms Data Breach After Hacker Leaks Stolen Records

Australian suicide-prevention charity Lifeline has confirmed a data breach after a hacker known as "2019" posted stolen records on a dark web forum on 11 July. The threat actor claimed to have obtained over 10,000 records, including staff names, emails, dates of birth, client IDs, phone numbers, and other internal data some of which was later found to be falsified.

Lifeline became aware of the breach on 12 July and immediately launched an investigation with external cybersecurity experts. While the organisation confirmed that staff and volunteer information was accessed, it stressed that no help-seeker data or financial details were compromised. As a precaution, Lifeline is notifying affected individuals and warning staff about potential scam activity.

The hacker, "2019", has been active since January 2026, targeting multiple Australian organisations, including the Melbourne International Film Festival, a Canberra medical clinic, and the Australian Centre for the Moving Image. Their most recent victim, Hot Toner Australia, was breached around the same time as Lifeline.

Lifeline, a 24/7 crisis support service, operates through a network of 43 centres across Australia, providing counselling, training, and advocacy. The organisation is working with cybersecurity providers and law enforcement to address the incident.

Source: https://www.cyberdaily.au/security/13894-data-breach-lifeline-australia-confirms-staff-data-compromised-following-hacking-claims

Melbourne City Mission cybersecurity rating report: https://www.rankiteo.com/company/melbourne-city-mission

Lifeline Australia cybersecurity rating report: https://www.rankiteo.com/company/lifeline-australia

Australian Red Cross cybersecurity rating report: https://www.rankiteo.com/company/australian-red-cross

"id": "MELLIFAUS1783996041",
"linkid": "melbourne-city-mission, lifeline-australia, australian-red-cross",
"type": "Cyber Attack",
"date": "7/2026",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'customers_affected': 'Staff and volunteers (number '
                                              'not specified)',
                        'industry': 'Healthcare/Mental Health',
                        'location': 'Australia',
                        'name': 'Lifeline Australia',
                        'size': '43 centres across Australia',
                        'type': 'Charity/Non-Profit'}],
 'customer_advisories': 'Notifying affected individuals',
 'data_breach': {'data_exfiltration': 'Yes (posted on dark web forum)',
                 'number_of_records_exposed': 'Over 10,000',
                 'personally_identifiable_information': 'Yes (names, emails, '
                                                        'dates of birth, phone '
                                                        'numbers)',
                 'sensitivity_of_data': 'High (personal and internal data, '
                                        'though some falsified)',
                 'type_of_data_compromised': ['Staff names',
                                              'Emails',
                                              'Dates of birth',
                                              'Client IDs',
                                              'Phone numbers',
                                              'Other internal data']},
 'date_detected': '2026-07-12',
 'date_publicly_disclosed': '2026-07-11',
 'description': 'Australian suicide-prevention charity Lifeline confirmed a '
                "data breach after a hacker known as '2019' posted stolen "
                'records on a dark web forum. The threat actor claimed to have '
                'obtained over 10,000 records, including staff names, emails, '
                'dates of birth, client IDs, phone numbers, and other internal '
                'data, some of which was later found to be falsified.',
 'impact': {'brand_reputation_impact': 'Potential impact due to breach '
                                       'notification and scam warnings',
            'data_compromised': 'Over 10,000 records',
            'identity_theft_risk': 'Potential risk for staff due to exposed '
                                   'personal information',
            'payment_information_risk': 'None (financial details not '
                                        'compromised)'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes (posted on dark web '
                                                    'forum)'},
 'investigation_status': 'Ongoing',
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'communication_strategy': 'Notifying affected individuals and '
                                        'warning staff about potential scam '
                                        'activity',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'External cybersecurity experts'},
 'stakeholder_advisories': 'Warning staff about potential scam activity',
 'threat_actor': '2019',
 'title': 'Lifeline Australia Data Breach',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.