What happened
In May 2026 the Melbourne International Film Festival responded to a cyber incident affecting its ticketing platform, exposing about 26,782 customer records — names, contact details, addresses, customer IDs and purchase data — with no credit-card data involved [miff-co], [miff-cd]. MIFF notified the ACSC.
Current status
Disclosed. A hacker claimed 340,000 records, which MIFF disputes as larger than its database; the 26,782 figure is MIFF’s own [miff-cd], [miff-co].
Why it matters
Even a contact-details breach at a well-known cultural event feeds targeted phishing; this record keeps MIFF’s stated figure separate from the attacker’s disputed claim.