Cyber Incident Victim: United Australia Party

On 23 June 2025, the United Australia Party and associated entity Trumpets of Patriots identified unauthorized access to their servers, which they later described as a ransomware cyber-attack. The breach occurred on that date and resulted in possible exfiltration of certain data records. The parties confirmed the incident in a statement published on their website and reported to the Australian Cyber Security Magazine. They determined that the breach had been identified on the same day it occurred.

The compromised data may have included personal information such as email addresses, phone numbers, identity records, banking records, employment history, and documents, including those provided under confidentiality arrangements. The parties stated they do not know comprehensively what information was on the server. They noted that any information provided by individuals could have been stored there. The breach potentially affected members, associates, and other individuals who had interacted with the parties.

After detection, the parties secured their systems and restored recoverable data from backup tapes. They reported the breach to the Office of the Australian Information Commissioner and to the Australian Signals Directorate. They determined that notifying individuals individually was impracticable and therefore did not issue direct notifications. The parties issued a public notice describing the breach and the types of data potentially involved.