A hacker going by the name of 2019 has published what they claim is the personal data of more than 25,000 customers of the Australian Centre for the Moving Image (ACMI) to a hacking forum.
The data is spread across three distinct datasets, and allegedly includes full names, email addresses, gender and dates of birth, sign-in data, invoicing and pricing details, and IP addresses.
The ACMI is aware of the hacker's claims, and has advised Cyber Daily that some customer data has been impacted.
"On 2 June 2026, ACMI identified a data breach. All customers who have hired an online title from ACMI’s online streaming service Cinema 3 are affected," the ACMI said in a statement.
"As soon as the breach was identified, our technology team contained the incident and secured the platform. ACMI conducted a full review of our systems, and no further breaches were identified."
According to the ACMI, the impacted data includes full names, email addresses, IP addresses, and order details (what was rented, when it was rented and payment method).
"No passwords, or financial details were compromised. Importantly, financial details are not stored in this system," the ACMI said.
"ACMI has notified the Australian Signals Directorate’s Australian Cyber Security Centre of the breach. We are working with the Victorian Government Cyber Incident Response Service and the third-party provider involved to investigate the cause of the incident, and are continuing to monitor the situation."
The ACMI also confirmed that it does not utilise the Ferve ticketing platform, which was the source of the recent Melbourne International Film Festival breach.
Who is 2019?
The threat actor, 2019, has only been active, at least under that name, since February 2026, but in that time has posted the details of at least 20 breaches to hacking forums.
In some cases, the data is offered for direct download, while in others, the data is for sale.
According to the VECERT threat intelligence platform, 2019 is a “recurring breach actor with 23 tracked publications between 2026-02-06 and 2026-06-01”.
“Its activity has been associated with targets in Australia, New Zealand, Spain, the United Arab Emirates, USA,” it said.
What is the ACMI?
The Australian Centre for the Moving Image, in Melbourne’s Federation Square, hosts events and displays focusing on “screen-based art, film, TV and videogames”, as well as digital culture.
“As the only museum of its kind in Australia, ACMI is home to galleries, state-of-the-art cinemas, studios and labs,” the ACMI said on its website.
“Our programs spotlight both Australian and international voices, supporting the next generation of screen creatives through industry partnerships, education initiatives and our creative incubator.”
According to the ACMI, it hosts 1 million visitors every year.
Who is Ferve?
Based in Melbourne, Ferve Tickets provides event and ticketing services to clients across Australia, North America, the EU, Hong Kong, New Zealand, and Papua New Guinea.
Its customers include the Sydney Fringe Festival, the Sydney Film Festival, and Queer Screen Film Festival.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.