🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Other
Other sector · leaderboard
Own the Other leaderboard
The top banner across the Other overview and every Other record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

Melbourne International Film Festival

🇦🇺 Melbourne, VIC · Melbourne International Film Festival (MIFF) · Record AU-2026-0140
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
26,782 (approx)
Breach date
2026-05
Regulator
ACSC (ASD) notified
Trust tier
B · Reported

Data exposed

Names, email addresses, phone numbers, addresses, customer IDs and membership/purchase data; MIFF said no credit-card data was involved Company-confirmed

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In May 2026 the Melbourne International Film Festival responded to a cyber incident affecting its ticketing platform, exposing about 26,782 customer records — names, contact details, addresses, customer IDs and purchase data — with no credit-card data involved [miff-co], [miff-cd]. MIFF notified the ACSC.

Current status

Disclosed. A hacker claimed 340,000 records, which MIFF disputes as larger than its database; the 26,782 figure is MIFF’s own [miff-cd], [miff-co].

Why it matters

Even a contact-details breach at a well-known cultural event feeds targeted phishing; this record keeps MIFF’s stated figure separate from the attacker’s disputed claim.

GGOVERN Tabletop Exercises · Govern house Strengthen your cyber resilience — rehearse the decisions that matter. Book a Discovery Call →