Terry Ringland Chartered Accountants in NSW falls victim to INC Ransom attack disrupting accounting services. Meanwhile, Prestige Maintenance USA notifies 65,452 people of ransomware breach by Medusa gang demanding $1.2 million.
Trump administration unveils comprehensive AI cybersecurity action plan establishing AI Information Sharing and Analysis Center for threat intelligence. Australian regulator ASIC sues Fortnum Private Wealth over cybersecurity failures that exposed client records on dark web.
Sam Altman is preparing to launch an AI-powered web browser and warns of a looming fraud crisis from AI voice cloning. As OpenAI pushes into hardware and software, Altman is also urging banks to abandon outdated voiceprint authentication before it's exploited at scale.
Trump administration unveils comprehensive AI cybersecurity action plan establishing AI Information Sharing and Analysis Center for threat intelligence. Australian regulator ASIC sues Fortnum Private Wealth over cybersecurity failures that exposed client records on dark web.
Cyber News Centre's cyber update for 24th July 2025: The Trump administration unveils a comprehensive AI cybersecurity action plan establishing an Information Sharing and Analysis Center dedicated to AI threats. Meanwhile, Australian financial regulator ASIC takes legal action against Fortnum Private Wealth for alleged cybersecurity compliance failures that led to client data being published on the dark web.
The Trump administration has released a national AI action plan that places cybersecurity at the center of federal strategy. It urges critical infrastructure owners, particularly those with limited resources, to adopt AI tools for defense. The Department of Homeland Security will provide guidance on AI system vulnerabilities and establish a new AI Information Sharing and Analysis Center (AI-ISAC) to coordinate threat intelligence. Federal agencies will also work with the private sector to share AI-related vulnerabilities and improve response capabilities.
Update: The Trump administration's AI action plan promotes "secure by design" principles for AI systems used in safety-critical or homeland security applications. The National Institute of Standards and Technology will lead efforts to partner with industry and AI companies to build AI-specific guidance into incident response plans. The Cybersecurity and Infrastructure Security Agency (CISA) will modify existing industry guidance to include agency chief AI officers in discussions on active incidents.
The plan states that all AI use in safety-critical or homeland security applications should use secure, robust, and resilient AI systems that can detect performance shifts and alert to potential malicious activities like data poisoning or adversarial attacks.
Why it Matters: This represents a significant federal approach to AI cybersecurity, recognizing AI as both a defensive tool and potential attack vector. The AI-ISAC creates new coordination capabilities for sharing threat intelligence on AI-specific threats across critical infrastructure sectors. Organizations that adopt these security frameworks will be better positioned to leverage AI technologies safely while maintaining robust defenses.
The plan's emphasis on secure-by-design principles addresses growing concerns about AI systems being vulnerable to hacking and manipulation, requiring specialized technical expertise and response procedures that traditional cybersecurity approaches may not adequately address.
The Australian Securities and Investments Commission (ASIC) has filed proceedings in the Supreme Court of New South Wales against Fortnum Private Wealth Limited, alleging the financial services firm failed to adequately manage cybersecurity risks between April 2021 and May 2023. The regulatory action follows multiple cyber incidents affecting Fortnum's authorized representatives, including a significant cyber attack that resulted in data from more than 9,000 clients being published on the dark web.
ASIC alleges that despite introducing a cybersecurity policy in April 2021, Fortnum's framework was inadequate and failed to meet obligations as an Australian Financial Services licensee. The regulator claims Fortnum did not require its authorized representatives to undertake minimum cybersecurity education or training and failed to adequately supervise their cyber risk management frameworks. ASIC is seeking declarations and pecuniary penalties against the firm, with proceedings listed for directions on August 4, 2025.
Update: This legal action represents ASIC's continued enforcement push for financial services firms to implement adequate cyber risk management systems. The case follows similar action in March 2025 against FIIG Securities Limited, where ASIC alleged inadequate cybersecurity measures for over four years enabled theft of approximately 385GB of confidential data affecting 18,000 clients.
ASIC has published comprehensive "Cyber Resilience" guidance providing resources for boards and organizations to develop adaptive cybersecurity processes. The Fortnum case specifically highlights failures in supervising authorized representatives' cybersecurity practices and inadequate training requirements for staff handling sensitive client data.
Why it Matters: This enforcement action signals ASIC's commitment to holding financial services firms accountable for cybersecurity failures that compromise client data. For Australian financial institutions, this demonstrates that regulatory compliance now explicitly includes robust cybersecurity frameworks, with potential legal and financial consequences for inadequate protection measures.
The case establishes precedent that financial services licensees must actively supervise and monitor their representatives' cybersecurity practices, not merely implement policies. For consumers, this regulatory enforcement provides additional protection for personal financial data and demonstrates that regulators are taking proactive steps to ensure firms prioritize cybersecurity as a core business obligation rather than an optional consideration.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Terry Ringland Chartered Accountants in NSW falls victim to INC Ransom attack disrupting accounting services. Meanwhile, Prestige Maintenance USA notifies 65,452 people of ransomware breach by Medusa gang demanding $1.2 million.
Australian IVF provider Genea confirms a cyberattack that exposed sensitive patient data on the dark web. Meanwhile, CISA and FBI issue a joint advisory on escalating Interlock ransomware attacks targeting virtual machines across North America and Europe.
Australian fashion brand Sabo exposes 3.5 million customer records in unprotected database. Meanwhile, Dell confirms breach of demonstration platform by World Leaks extortion group, affecting primarily synthetic data used for product demos.
Singapore is responding to a cyberattack by UNC3886, a China-linked espionage group targeting critical infrastructure. Minister K. Shanmugam confirmed the threat is serious and ongoing, as the CSA leads investigations to protect national services from long-term disruption.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
