Top 3 Cyber Incidents in Australia (October 2025 Update)

In 2025, top cyber incidents in Australia have impacted major corporations and government entities alike, sending a clear message to SMEs: cyber resilience is no longer optional. 

As a result, we’ve prepared an exclusive, limited-time offer: FREE Vulnerability Assessment to help you strengthen your defences.

Keep reading to discover how to claim this and take the first step toward a safer, smarter IT environment.

Cybercrime Trends in 2025: Insights from Top Cyber Incidents in Australia

The Australian Cyber Security Centre (ACSC) Annual Cyber Threat Report 2024–25 reveals a sharp rise in malicious activity, including credential theft, ransomware attacks, and exploitation of critical infrastructure.

• 84,700+ cybercrime reports to ACSC in FY2024–25 (that’s one every 6 minutes!)
• $56,600 average cost per incident for small businesses (↑14% from the previous year)
• 111% increase in alerts to critical infrastructure entities (over 190 notifications issued by the ACSC) 
• Top sectors targeted: Government, Financial Services, Health Care, IT & Telecoms
• Top states affected: QLD, VIC, NSW

Consequently, this surge underscores the urgent need for proactive measures. For example, organisations should implement multi-factor authentication, conduct regular vulnerability assessments, and, most importantly, align their practices with the ACSC Essential 8 framework.

In this updated blog, we revisit the relevant top cyber incidents in Australia and highlight new developments that shape today’s threat landscape.

1. Latitude Financial Data Breach (March 2023)

Impact: Over 14 million individuals affected across Australia and New Zealand.

What Happened:
Latitude detected a sophisticated cyber attack originating from a major vendor. Subsequently, attackers used stolen employee credentials to access personal data from multiple service providers.

Data Compromised:

• 7.9 million driver’s licence numbers
• 53,000 passport numbers
• 6.1 million historical records dating back to 2005

Current Status:
Latitude issued an apology and offered reimbursements for ID replacements, while investigations continue into data retention practices and security gaps.

Why It Matters for SMEs:
Third-party vulnerabilities are a growing risk. Therefore, SMEs must audit vendor access and enforce strict credential controls.

2. Qantas Data Breach (July 2025)

Impact: 5.7 million customer records threatened.

What Happened:
Hackers claimed to have stolen personal data and threatened public release. However, the FBI seized the attackers’ website, although the breach still raised serious concerns about data governance.

Data at Risk:
Names, contact details, and travel history.

Current Status:
Qantas is working with federal authorities to assess the breach and strengthen its cyber defences.

Why It Matters for SMEs:
Even well-resourced organisations are vulnerable; therefore, SMEs must prioritise breach detection and response planning.

3. Scattered Spider Ransomware Attacks (2025)

Impact: Multiple sectors targeted, including IT services and infrastructure.

What Happened:
The Scattered Spider group used social engineering and ransomware to infiltrate help desks and exfiltrate sensitive data.

Tactics Used:

• Credential theft
• MFA bypass
• Remote access tools

Current Status:
In response, the ACSC issued advisories urging organisations to implement phishing-resistant MFA and offline backups.

Why It Matters for SMEs:
Help desks are a common entry point, so SMEs are encouraged to train staff and deploy layered security controls. 

Protection Against Top Cyber Incidents in Australia: What SMEs Can Do Now

New Era Technology offers tailored cyber security solutions to help your organisation stay protected and ahead:

Essential 8 Audit

Identify vulnerabilities and align with ACSC’s framework for proactive defence. Learn more→

Proactive Threat Prevention

Real-time monitoring, credential protection, and adaptive controls. Learn more →

Managed IT Services

End-to-end support to secure, scale, and streamline your IT environment. Learn more →

Secure Your Business Before It’s Too Late

We know cyber security isn’t just about compliance, it’s about resilience. That’s why, alongside our Essential 8 Audit services, we’re offering an exclusive FREE Vulnerability Assessment from November 2025 to February 2026.

✓ Identify hidden risks
✓ Get actionable insights aligned with ACSC standards
✓ Strengthen your defences before the next breach

                   Hurry – Limited Time Only!

Key Takeaways from 2025’s Top Cyber Incidents in Australia

Cyber security is no longer a luxury; it has now become a necessity. Whether you’re in healthcare, legal, logistics, or retail, the risks are real and rising, so take proactive measures today to stay protected from cyber incidents. 

Sources:

Australian Signals Directorate, Annual Cyber Threat Report 2024–25 (2025). © Commonwealth of Australia 2025. | ABC News – Luke Cooper, Qantas Data Breach: Website Seized After Cyber Attack (Oct 10, 2025). | Australian Signals Directorate, Scattered Spider (July 30, 2025). © Commonwealth of Australia 2025. | ABC News – Dinah Lewis Boucher, What’s happening with the Latitude Financial cyber attack? (Mar 27, 2023). | UpGuard – Edward Kost, Biggest Data Breaches in Australia. (January 2, 2025).