- Academy to host first overseas ceremony to honor young filmmakers
- No doctor necessary: US okays nasal spray flu vaccine for self-use
- Gurbaz, birthday boy Rashid lead Afghanistan to 177-run rout of South Africa
- Former delivery man Baldwin leads star names at PGA Championship
- Trump shooting: Secret Service admits complacency
- Can an ambitious Milei make Argentina an AI giant?
- Haiti, its suffering growing, in 'race against time': UN expert
- Ibrahim Aqil, the Hezbollah elite unit commander wanted by the US
- Chinese forward Cui signs NBA contract with Brooklyn Nets
- US Fed dissenter calls for 'measured' pace of rate cuts
- Guardiola tells players to lead change over workload as Kompany demands cap on games
- Norway limits wild salmon fishing as stocks hit new lows
- Top Hezbollah commander killed in Israeli strike on Beirut
- Rotterdam fatal knife attacker suspected of 'terrorist motive'
- First early votes cast in knife-edge US presidential election
- Top-ranked Swiatek out of Beijing due to 'personal matters'
- Hard-right Reform UK looks to the future after vote success
- Embiid agrees to NBA contract extension with 76ers
- Joshua aims to complete road to redemption in Dubois bout
- World champion Bagnaia sets pace with lap record at Misano
- Biden says 'working' to get people back to homes on Israel-Lebanon border
- Pope criticises Argentina's crackdown on protesters
- Court limits screenings of videos in France mass rape case
- Gurbaz century takes Afghanistan to 311-4 in 2nd ODI
- Central banks face 'difficult balancing act': IMF chief
- McLaren's Norris sets Singapore pace as struggling Verstappen 15th
- Guardiola tells players to lead change over workload fears
- Paris Olympics sports equipment moves to new homes
- 'Happy' Kinghorn relishing life at Toulouse
- Norris sets Singapore pace as Verstappen only 15th
- 8 dead in Israeli strike, source says Hezbollah commander killed
- Germany to bid to host women's Euro 2029
- Portugal brings deadly forest fires under control
- Postecoglou defends Solanke after slow start to Spurs career
- US nuclear plant Three Mile Island to reopen to power Microsoft
- Arteta urges Arsenal to take next step in Man City showdown
- Stock markets fall after Fed-fuelled rally
- Top Hezbollah commander 'killed' in Israel strike
- Poland charges Russian over attack on Navalny ally: prosecutors
- Man City have rest 'advantage' in Arsenal showdown: Guardiola
- Maresca has 'no doubt' in Jackson as Chelsea's number nine
- EU chief announces 35 bn euro loan plan for Ukraine before winter
- From TikTok to Hollywood, the irresistible rise of Italy's Khaby Lame
- Verstappen punished for swearing in Singapore press conference
- Sri Lanka lead by 202 in first New Zealand Test
- Brook 'not too fussed' by England's batting in heavy Australia loss
- India's Ashwin 'happy' to embrace pressure
- A modern 'Trojan Horse': two days of mayhem in Lebanon
- Third of Burundi mpox cases in children under five: UN
- Man Utd appoint Foster + Partners to develop Old Trafford 'masterplan'
Repeat hacks highlight Australia's cyber flaws
Inadequate privacy safeguards and the stockpiling of sensitive customer information have made Australia a lucrative target in the eyes of foreign hackers, cybersecurity experts told AFP following a series of major data breaches.
Medibank, Australia's largest private health insurer, recently confirmed that hackers had accessed the data of 9.7 million current and former customers, including medical records related to drug abuse and pregnancy terminations.
Telecom company Optus fell prey to a data breach of similar scale in late September, during which the personal details of up to 9.8 million people were accessed.
Both incidents sit comfortably among the largest data breaches in Australian history.
Australian National University cybersecurity expert Thomas Haines said many companies had been hoarding personal data that they should not have been hanging on to.
"There was a famous line for a while: Data is the new oil," he told AFP.
"If data is the new oil, then we're living the era of the weekly oil spill."
Haines contrasted Australia's approach with that of the European Union, which in 2018 adopted sweeping privacy reforms limiting how organisations collect, use and store personal data.
"There have got to be incentives in place to stop companies hoarding data they don't need, or to penalise those companies for big leaks. Europe has done this," he said.
"At the moment the business incentives are basically along the lines of: Let's just keep a whole bunch of data."
Haines said Medibank appeared to be an exception, in that most of the sensitive information within its databases had been stored for good reason.
- Hacking 'for profit' -
Australia's comparatively weak safeguards against identity theft meant it was also easier to exploit stolen personal information, Haines said.
"All they need to know is your passport, your driver's licence and some other things -- and then I can start taking out loans in your name."
Haines said European countries such as Norway had much more stringent requirements involving face-to-face contact.
Dennis Desmond, a former FBI agent and US Defense Intelligence Agency officer, said most hackers were searching for particular types of data.
"For-profit hackers are going after healthcare data, they're going after identity data and credentials to access systems," he told AFP.
"There is a profit motivation there, otherwise they wouldn't be risking jail and prosecution."
The Medibank hackers this week started leaking stolen data to a dark web forum, after the company refused to pay a US$9.7 million (Aus$15 million) ransom.
The Optus breach led to the theft of customers' names, birth dates, and passport numbers.
- Russia blamed -
Australian Federal Police Commissioner Reece Kershaw on Friday blamed the Medibank cyberattack on a team of hackers based in Russia.
"We believe those responsible for the breach are in Russia," he told reporters.
"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches in countries across the world."
Medibank data leaked to the dark web so far has included hundreds of potentially-compromising medical records related to drug addiction, alcohol abuse and sexually-transmitted infections.
Home Affairs Minister Clare O'Neil conceded on Friday the country's cyber defences had not always been up to scratch.
University of Sydney data researcher Jane Andrew said one major flaw was that Australian companies were not always obliged to report data breaches.
"There are heaps of data breaches happening all the time that we don't hear anything about," she told AFP.
"Companies have been gathering data because it's seen to be valuable, without fully understanding the potential risks."
H.E.Young--AMWN