Close this search box.

Alleged Breach Threatens Over 4 Million .au Domains


The Alleged Breach: What’s Happening?

auDA, Australia’s internet domain administrator, is investigating an alleged data breach involving 15GB of data. This could affect anyone with an AU domain, given auDA’s authority over domain space.

auDA discovered a potential breach last Friday. The following day, they released more information and notified the Australian Cyber Security Centre, the Department of Home Affairs, and the Office of the Australian Information Commissioner about the situation.

Understanding auDA

auDA controls all Australian websites ending with .au, and as of the given date, they have registered 4,255,871 .au domains. If you have a website like this, you’ve interacted with them.

This alleged breach is big news, especially if hackers have more data than they’re letting on. There’s potential it might affect everyone with an .au domain.

Details of the Alleged auDA Breach

A cybercriminal claims to have stolen specific data, with the authenticity still under investigation. The alleged 15GB of stolen information includes:

  • Legal documents
  • Passports
  • Personal data
  • Bank account details
  • Medical reports
  • Loan repayment information
  • Death certificates

Typically, to steal someone’s identity, attackers need access to a combination of personal details. The range of information that was allegedly accessed in this case is especially worrisome.

What to Do if You Suspect Identity Theft?

If you’re worried about the recent situation with auDA and how it might affect you, it’s good to know what to do if your identity is at risk. These steps aren’t just for this incident; they can help you in any case of identity theft. Here’s what you can do:

  1. Secure Your Accounts: Change passwords and freeze any suspicious accounts. If needed, you can use password managers, which store your passwords securely and help you create strong, unique passwords for each of your accounts.
  2. Review and Report: Check credit reports with Australian agencies for fraudulent activity and report concerns.
  3. Contact Authorities: Alert local law enforcement and relevant governmental bodies, such as the Australian Taxation Office, in case of tax-related fraud.
  4. Place a Credit Alert: In Australia, you can place a ban on your credit report to prevent anyone from accessing your credit information without your consent.

Find more easy tips and information to keep your personal and business data safe in our Cyber Security Guide.

Stay Informed, Updates to Follow

The alleged data breach affecting au domain holders is still being investigated. As of now, it’s only a claim, not a proven fact. Our team will continue to monitor the situation and provide updates as more information becomes available. Check back regularly for the latest news.


auDA has concluded their investigation into the recent alleged cyber incident, revealing no evidence of access to their systems or data compromise. The breach’s source was traced back to an Australian sole trader targeted by a malware attack. You can read their official statement here.
Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →