March 08, 2023
Our list of publicly disclosed cyberattacks in Australia for 2022. In particular, the attacks on telecommunications provider Optus in September and health insurer Medibank in October attracted a lot of attention, because personal data of a large number of Australians was affected.

Cyber incident overview

Cyber attacks Australia in 2022
License Creative Commons BY 4.0. Credits: KonBriefing Research
Diagram in high resolution (License: Creative Commons BY 4.0):

Which companies were affected by a cyber attack?

1February 2022Clayton VICVICPracticesVictoria, Healthcare,Australian Clinical Labs Limited (ACL) / Medlab Pathology
2February 20, 2022Newcastle NSWNSWCruisesNew South Wales, Travel, Tourism,Boats, Martime, Ships,Scenic Group
3April 2022Sydney NSWNSWTransport authorityNew South Wales, Transportation,Transport for NSW
4May 15, 2022Norwest NSWNSWIT applicationNew South Wales, Healthcare,Welfare, Social,CTARS
5May 19, 2022Fund companyFinance, Money,Spirit Super
6June 8, 2022MediaMedia Today
7June 2022City of Boroondara VICVICCollegeVictoria,Xavier College
82022Bentleigh East VICVICConstructionVictoria, Construction,Langford Jones Homes
9July 2022Truganina VICVICPrisonVictoria, Administration, Authority, Government, Public sector,Port Phillip Prison
10July 10, 2022Melbourne VICVICUniversityVictoria, College, University, Research,Deakin University
11July 2022Perth WAWAUniversityWestern Australia, College, University, Research,University of Western Australia
12August 21, 2022Ravenhall VICVICVegetablesVictoria, Groceries, Food,Costa Group
13September 10, 2022Brisbane QLDQLDITQueensland,Dialog Information Technology
14September 2022Macquarie Park NSWNSWTelecommunicationNew South Wales,Optus
15September 29, 2022Surry Hills NSWNSWCare productsNew South Wales, Consumer goods,The Good Collective Pty Ltd / Flora & Fauna
16September 30, 2022Melbourne VICVICEnergy supplierVictoria,EnergyAustralia
17October 2022Melbourne VICVICTelecommunicationsVictoria,Telstra
18October 2022Cairns QLDQLDHealth serviceQueensland, Healthcare,Apunipima Cape York Health Council
19October 12, 2022Melbourne VICVICHealth insuranceVictoria, Finance, Money,Healthcare,Medibank
20October 2022 ?Melbourne VICVICOnline retailerVictoria,MyDeal
21October 2022 ?Ormond VICVICSchoolVictoria,Kilvington Grammar School
22October 2022 ?Melbourne VICVICOnline wine retailerVictoria, Groceries, Food,Vinomofo
23October 24, 2022Eagle Farm QLDQLDReal estateQueensland, Real estate,Harcourts
24October 2022Bundall QLDQLDProperty ManagementQueensland, Real estate,SSKB Group
25October 2022Defence ForcesArmed Forces, Military,Australian Defence Force / ForceNet
26November 3, 2022ITPNORS Technology Group
27November 3, 2022Canberra ACTACTLegal serviceAustralian Capital Territory, Administration, Authority, Government, Public sector,Justice, Legal,Legal Aid ACT
28November 2022Melbourne VICVICEngineeringVictoria,Aurecon
29November 2022 ?Sydney NSWNSWCharity organizationNew South Wales, Welfare, Social,The Smith Family
30November 2022 ?Sydney NSWNSWEnergy supplierNew South Wales,AGL
31December 2022Brisbane QLDQLDHospitalsQueensland, Healthcare,Clinic, Hospital,Mater Health
32December 3, 2022Rockhampton QLDQLDBankQueensland, Finance, Money,The Capricornian
33December 2022Palm Beach NSWNSWReal estate agencyNew South Wales, Real estate,LJ Hooker
34December 13, 2022Sydney NSWNSWTelecommunications providerNew South Wales,TPG Telecom / iiNet / Westnet
35December 15, 2022Melbourne VICVICFire agencyVictoria, Administration, Authority, Government, Public sector,Emergency service, Rescue,Fire Rescue Victoria (FRV)
36December 22, 2022Brisbane QLDQLDUniversityQueensland, College, University, Research,Queensland University of Technology (QUT)

Hacker attacks statistics

By month

Cyber attacks Australia in 2022 by month
License Creative Commons BY 4.0. Credits: KonBriefing Research
Diagram in high resolution (License: Creative Commons BY 4.0):

By industry

Cyber attacks Australia in 2022 by industry
License Creative Commons BY 4.0. Credits: KonBriefing Research
Diagram in high resolution (License: Creative Commons BY 4.0):


  • The statistics are based on the known incidents listed here.
  • Since only some of the cases become known, the evaluations are not representative.
  • Industries where incidents are immediately visible due to public access (e.g. healthcare) are more represented than others.
  • An incident may be assigned to multiple countries or industries. Also, a country cannot always be assigned. So the totals shown on the charts may be different.
  • The graphics may be reused according to the license Creative Commons Attribution 4.0 / CC BY 4.0 (attribution: KonBriefing Research).

Details, examples and sources

Flag AustraliaFebruary 2022
Unauthorized access to patient data at pathology practices in Australia
Australian Clinical Labs Limited (ACL) / Medlab Pathology - Clayton, Victoria, Australia
Flag AustraliaApril 2022
Unauthorized access at a transport authority in Australia
Transport for NSW - Sydney, New South Wales, Australia
At the authority, there was already an unauthorized access in early 2021 due to a vulnerability in a file transfer software.
Flag AustraliaMay 15, 2022
Unauthorized access to a cloud application for care services in Australia
CTARS - Norwest, New South Wales, Australia
Flag AustraliaMay 19, 2022
Unauthorized access to emails of an Australian fund company
Spirit Super - Australia
Flag AustraliaAugust 21, 2022
Cyber attack on a vegetable growing company in Australia
Costa Group - Ravenhall, Victoria, Australia
Flag AustraliaSeptember 10, 2022
Cyber attack on an IT company in Australia
Dialog Information Technology - Brisbane, Queensland, Australia
Flag AustraliaSeptember 29, 2022
Malware on the website of a provider of care products in Australia
The Good Collective Pty Ltd / Flora & Fauna - Surry Hills, New South Wales, Australia
Flag AustraliaOctober 2022
Another Australian telecommunications provider affected by data theft
Telstra - Melbourne, Victoria, Australia
Affected are approximately 30,000 employee records from a former employee rewards program that was operated by a third-party vendor.
Flag AustraliaOctober 2022
Cyber attack on a health service in Australia
Apunipima Cape York Health Council - Cairns, Queensland, Australia
Flag AustraliaOctober 12, 2022
Cyberattack on a health insurance company in Australia
Medibank - Melbourne, Victoria, Australia
⭐⭐⭐⭐ KonBriefing thinks: excellent immediate communication by the affected organization.
⭐⭐⭐⭐ KonBriefing thinks: excellent updated information on the incident by the affected organization.
Flag AustraliaOctober 2022 ?
Unauthorized access to customer data at an online retailer in Australia
MyDeal - Melbourne, Victoria, Australia
Flag AustraliaNovember 3, 2022
Cyberattack on a public legal service in Australia
Legal Aid ACT - Canberra, Australian Capital Territory, Australia
⭐⭐⭐ KonBriefing thinks: very good immediate communication by the affected organization.
Flag AustraliaNovember 2022 ?
Hacker attack on a charity organization in Australia
The Smith Family - Sydney, New South Wales, Australia
The affected organization informed the public about the incident.
Flag AustraliaNovember 2022 ?
Unauthorized access a number of customer accounts at an Australian energy supplier
AGL - Sydney, New South Wales, Australia
⭐⭐⭐ KonBriefing thinks: very good updated information on the incident by the affected organization.
Flag AustraliaDecember 3, 2022
Online fraud with debit cards of a bank in Australia
The Capricornian - Rockhampton, Queensland, Australia


How many companies and organizations were affected by cyberattacks?

KonBriefing Research had counted 36 successful cyberattacks on Australian companies and organizations for the period.

When did cyber attacks take place?

For 2022, KonBriefing Research counted the following successful cyberattacks on companies and organizations in Australia: February (2)  •  April (1)  •  May (2)  •  June (3)  •  July (3)  •  August (1)  •  September (4)  •  October (9)  •  November (5)  •  December (6)

Which industries were affected by cyberattacks?

For the year 2022, KonBriefing Research found successful cyberattacks on companies and organizations of the following industries: Healthcare (5)  •  Telecommunication (3)  •  Real estate (3)  •  Public sector (3)  •  Finance (3)  •  Universities (3)  •  IT (3)  •  Social welfare (2)  •  Education (2)  •  Energy industry (2)  •  Online retailer (2)  •  Food (2)  •  Media (1)  •  Construction (1)  •  Consumer Goods (1)  •  Hospital (1)  •  Agriculture (1)  •  Maritime (1)  •  Military (1)  •  Rescue (1)  •  Service provider (1)  •  Transportation (1)  •  Travel (1)  •  Legal (1) (Multiple assignments possible).

About KonBriefing Research

KonBriefing Research is an independent researcher and analyst in the field of IT security, information security, risk management and compliance. The company was founded in 2019 and is based in Germany.

About the author

Bert Kondruss
Bert Kondruss
Founder and managing director of KonBriefing Research

Cyber attacks worldwide

Cyber attacks worldwide
(Click the image to open)