Threat actor 2019 posts alleged National Portrait Gallery customer and client data to undergound hacking forum; names, emails, and location data potentially compromised.
A hacker who has already left a string of Australian victims in their wake is claiming to have accessed and subsequently published a raft of what appears to be personal information relating to customers and potentially employees to a hacking forum.
The hacker, known as 2019 and responsible for a string of cyber incidents across Australia, shared two separate data sets linked to individuals with some connection to the Gallery in a forum post dated June 23, alongside a sample of the allegedly compromised data.
The first set includes user IDs, names, email addresses, phone numbers, dates of birth, and several fields related to user organisations and payroll information.
The second data set is similar, but with some variations in data fields. In total, 2019 claims to have the data of more than 2,600 individuals, which they are offering at no charge.
The sample data follows those conventions and appears to include the contact details of a member of a foreign embassy on Australian soil.
Who is 2019
The threat actor, known as 2019 on the forum in question, has been targeting Australian organisations since early 2026, with some of their most recent victims including the Melbourne International Film Festival, a Canberra medical clinic, and the Australian Centre for the Moving Image.
2019 also breached the email systems of the Australian Productivity Commission, using the access to directly harass several Australian journalists.
Very little else is known about their identity.
The National Portrait Gallery has said it is investigating the claims, but has declined to provide further comment.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.