Copyright Agency

Summary

Australia's Copyright Agency, which collects and distributes royalties to more than 37,000 writers, visual artists, and publishers, investigated a cybersecurity incident in November 2021. The breach potentially exposed personal and financial information of members who receive copyright payments through the organisation.

What Happened

The Copyright Agency detected a cyber incident affecting its systems in mid-November 2021. The organisation immediately began investigating to determine what data had been accessed and the extent of the compromise.

As a copyright collective management organisation, Copyright Agency holds sensitive information about creative professionals including bank account details for royalty payments, contact information, and details of copyright works and earnings.

Impact on Individuals

The breach potentially affected 37,000-plus members of the Copyright Agency, including:

• Financial data at risk: Bank account numbers used for royalty payments
• Personal information: Contact details, membership records
• Professional information: Details of copyright works, earnings records
• Payment disruption: Potential impacts to royalty payment systems

The affected members included writers, visual artists, publishers, and other creative professionals who rely on Copyright Agency to collect and distribute their copyright income.

Organisational Response

Copyright Agency notified its 37,000-plus members about the cyber incident and engaged cybersecurity experts to investigate. The organisation worked to determine the scope of data accessed and implement security measures to protect member information.

The incident raised concerns about the security of financial and personal data held by collective rights management organisations in Australia's creative industries.