Powered by MOMENTUMMEDIA
For breaking news and daily updates, subscribe to our newsletter
user icon Login
Become a free member

Exclusive: Centrelink denies hacker claims of cyber attack

A threat actor with a reputation for targeting Australian entities has claimed a cyber attack on government service Centrelink, a claim Centrelink says is false.

author profile
Daniel Croft
Fri, 05 Jun 2026 Security
Exclusive: Centrelink denies hacker claims of cyber attack

As detected by threat researcher Dark Web Informer, the threat actor 2019 listed Centrelink on a cyber crime forum overnight.

Based on the listing and the researcher’s findings, the data was allegedly sourced from Centrelink and seems to be related to Centrelink’s Advice of Death form, which is used to notify the agency of a person’s death so that payments can be adjusted and support for the surviving family determined.

You’re out of free articles for this month

According to the post, alleged stolen data includes the full names and dates of birth and death of deceased individuals, Medicare card numbers, Centrelink reference numbers, child support reference numbers, home addresses, Aboriginal/Torres Strait Islander descent status, relationship status, hospital addresses and details, next-of-kin details including names, phone numbers and addresses, funeral director and business details, executor/admin of estate details, and the full names, signatures and declaration dates of Advice of Death notifiers.

 
 

The threat actor 2019 claims that over 2,100 records were impacted in the alleged incident.

Rather than holding Centrelink for ransom, 2019 has offered the alleged data up for a “one-time sale”, accepting bitcoin, Ethereum, or Monero.

Responding to Cyber Daily’s request for comment, Services Australia, of which Centrelink is a part, said the agency does not comment on specific cyber security operations, but confirmed that its systems were not breached.

“Services Australia takes the protection of personal information very seriously. Our platforms and systems remain secure and have not been compromised,” a Services Australia spokesperson said.

“While we don’t comment on specific cyber security operations, we do receive intelligence on activity on the dark web.

“Sometimes information linked to government payments or services appears online because another organisation that holds it has been compromised, rather than through any compromise of our systems.

“We work with the National Office of Cyber Security, the Australian Cyber Security Centre and the affected third parties to identify customers who may be at risk and place extra security measures on their records.”

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.
Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You have0 free articles left this month.
Register for a free account to access unlimited free content.
You have 0 free articles left this month.