Cyber Incident Victim: Australia
Date: Jul 2020
Location: Australia
Summary
A significant number of MyGov accounts were compromised and listed for sale on dark web marketplaces, posing risks of fraud and identity theft to affected individuals. The exposed credentials, part of a larger trove of over 150,000 Australian domain logins, were available at varying price points, with potential buyers able to acquire them for minimal costs or higher sums depending on perceived value. This breach heightened concerns about unauthorized access to sensitive personal information tied to government services.
Description
In July 2020, Australian authorities identified a significant cybersecurity incident involving the compromise of accounts on MyGov, the federal government's online services portal. Logins for over 3,600 MyGov accounts were discovered for sale on dark web marketplaces alongside approximately 150,000 additional ".com.au" domain credentials. The compromised accounts appeared in bulk listings on underground forums where cybercriminals trade stolen credentials. The breach exposed authentication credentials that could provide access to sensitive government services linked to MyGov accounts, including tax filings and social welfare information. The incident was reported by Financial Review on July 3, 2020, after dark web monitoring revealed the active sale of the credentials.

The exposed MyGov accounts created substantial risks of identity theft and financial fraud for affected Australian citizens. Attackers priced the stolen credentials variably across dark web platforms, with some accounts selling for a few cents while others commanded hundreds of dollars based on perceived value. No specific timeframe for the initial account compromises or intrusion method was disclosed in available reports. The scale of the incident highlighted vulnerabilities in credential management for critical government portals, though technical details about the breach vector remained unconfirmed. Authorities issued public warnings about the dark web sales but did not release official statements regarding containment measures or forensic findings related to the incident.
