外刊双语：澳洲企业屡被黑客攻击，数百万用户隐私遭泄漏？

原文标题：
Data hacks
Once more unto the breach
A spate of cyber-attacks is making life miserable for Australians
数据黑客
再一次共赴战场
一连串的网络攻击让澳大利亚人的生活变得糟糕透顶

Excessive data retention and sloppy security make the country look a juicy target
过度的数据保留和松懈的安全使得该国成为一个易受攻击的目标

[Paragraph 1]
“I LITERALLY HAVE no privacy any more,” groans Anita, a researcher in Western Australia (who, in a bid to regain some, asked TE to withhold her surname).
西澳大利亚州的研究员安妮塔叹息道：“我再也没有隐私了。”（为了重获一些隐私，她要求本报不要透露自己的姓氏）

Her personal data has been stolen twice. On September 23rd her phone company, Optus, told her that she had been a “victim of a cyber-attack”, exposing her name, contact details, and passport and driving licence numbers.
她的个人数据两次被盗。9月23日，她的电话公司Optus告诉她，她是“网络攻击的受害者”，她的姓名、联系方式、护照和驾照号码遭泄漏。

A few weeks later she learnt that her private health insurer, AHM, had been hit in a separate attack.
几周后，她得知她的私人健康保险公司AHM遭到另一起袭击。

Her phone buzzes more often with spam calls and emails these days. She was recently the target of a phishing attempt.
这些天，她的手机经常收到骚扰电话和垃圾邮件。她最近成为网络钓鱼攻击的目标。

[Paragraph 2]
Millions of Australians share that misery. A spate of big cyber-attacks has disrupted life down under.
数百万澳大利亚人也有同样的痛苦。一连串大型网络攻击扰乱了澳洲人的生活。

The one against Optus, Australia’s second-biggest telecoms company, affected up to 10m of its current and former customers—about 40% of the country’s population. More than a fifth of them had identity numbers stolen.
澳大利亚第二大电信公司Optus受到的网络攻击，使该国1000万现客户和前任户受影响，约相当于人口的40%。其中超过五分之一的人的身份证号码被盗。

[Paragraph 3]
Medibank, a health insurer which owns AHM, revealed on October 13th that it had been targeted. The data of all its 4m customers was compromised, including sensitive information about their health claims.
AHM的母公司Medibank在10月13日透露，该公司已成为攻击目标。该公司400万客户的数据全都被泄漏，其中包括他们保险赔偿的敏感信息。

The next day Woolworths, a supermarket, reported that its systems had been breached. An attack on MyDeal, an online marketplace that it owns, exposed information on 2.2m customers.
第二天，一家超市Woolworths报告称系统遭到破坏。旗下的在线交易平台MyDeal受攻击，220万客户的信息遭泄漏。

A few days later Vinomofo, an online wine-seller, said hackers had accessed data on 500,000 customers from a testing platform.
几天后，在线葡萄酒销售商Vinomofo表示，黑客从一个试验台获取了50万名客户的数据。

And on October 31st the country’s defence department said a ransomware attack had struck a communications platform it uses.
10月31日，该国国防部使用的通信平台遭到勒索软件攻击。

[Paragraph 4]
It may be simply that big hacks are getting harder to hide, says Alastair MacGibbon, Australia’s former national cyber-security adviser. And each breach could entice copycats.
澳大利亚前国家网络安全顾问阿拉斯泰尔·麦克吉本表示，这可能只是因为大型黑客事件很难隐藏。每一次泄漏都可能引来其他黑客。

But an increasingly plausible explanation is that Australia is the target of a state-backed campaign.
但有个合理的解释原因是：澳大利亚成为受攻击的目标，可能有另一个国家在背后支持。

Russian hackers, he suggests, may be “starting to cause fear, uncertainty and doubt” in countries supporting Ukraine.
他认为，俄罗斯黑客可能正在给支持乌克兰的国家“制造恐惧、不确定性和怀疑”。

[Paragraph 5]
Either way, Australians are hacked off at how much data their companies are hoarding.
无论什么原因，澳大利亚人被黑客攻击的概率取决于公司囤积了数据量。

Successive governments have passed laws to beef up “national security” over the past decade or so.
过去十年左右，历届政府都通过了加强“国家安全”的法律。

The result has been to gather lots of data about everybody, says Vanessa Teague of Australian National University in Canberra.
堪培拉澳大利亚国立大学的瓦妮莎·蒂格表示，法律颁布的结果就是大量收集个人数据。

Companies operate under one of the most intrusive data-retention systems in the Western world.
澳洲企业需要在数据保留系统下运营，这个系统在西方世界里属于易遭入侵类型。

Since 2017 telecoms firms have been required to retain customer metadata for two years. Medibank says it is required to hold data about its members for seven years.
自2017年以来，电信公司被要求保留客户元数据两年。Medibank表示被要求保留客户数据七年。

[Paragraph 6]
Australian companies have eagerly gathered more data on their customers, but have done less to beef up their defences.
澳大利亚公司急不可待地收集了有关客户的大量数据，但在加强网络安全防御方面的举措寥寥无几。

It is unusual to find a cyber-security expert on an Australian firm’s board, notes Suelette Dreyfus, a data-security researcher at the University of Melbourne.
墨尔本大学的数据安全研究员苏莱特·德雷福斯指出，在一家澳大利亚公司的董事会上很难找到一位网络安全专家。

Replacing ageing IT systems has been treated as an inconvenient expense rather than a necessity, she adds.
她补充道，更换老化的IT系统已被视为一项“不便开支”，而非“必要开支”。

There is little in Australia’s data-protection laws to force more action.
澳大利亚的数据保护法几乎没有强制措施。

Its Privacy Act of 1988 was written “before the internet itself really existed”, says Brendan Walker-Munro of the University of Queensland.
昆士兰大学的布伦丹·沃克·蒙罗表示，1988年的《隐私法》是“在互联网流行之前”制定的。

The law asks companies to take “such steps as are reasonable” to safeguard data. Little punishment is imposed on those that fail to do so.
法律要求公司采取“合理的措施”来保护数据。但不作为的公司几乎不会受到惩罚。

[Paragraph 7]
The Labor government, elected in May, wants to change that.
5月上台的工党政府希望改变这一现状。

On October 26th it introduced legislation that would slap much bigger fines on firms struck by serious or repeated data breaches, lifting the penalty from A$2.2m ($1.4m) to A$50m or more.
10月26日，政府出台了一项立法，会对严重或反复数据泄露的公司处以更高的罚款，将罚款从220万澳元（140万美元）提高到5000万澳元或更多。

A wider review of Australia’s privacy law is also under way. Firms should be made to “dispose of data safely” after they have verified a customer’s identity, suggests the attorney-general, Mark Dreyfus.
《澳大利亚隐私法》也引发了更广泛的评论。司法部长马克·德雷福斯建议，公司应在核实客户身份后，应该“安全地处理数据”。

[Paragraph 8]
The recent spate of breaches offers companies other reasons to bolster their defences, too.
最近一连串的泄漏事件让公司有其他动力来维护网络安全。

Medibank’s shares plunged 20% after the hack. It estimates the attack will cost it up to A$35m before legal costs or payouts.
遭黑客攻击后，Medibank的股价暴跌20%。据估计，除了法务成本和巨额赔付之外，此次袭击将使其蒙受高达3500万澳元的损失。

Optus is facing at least one class-action lawsuit. That is only the beginning of its problems. Fully 10% of its customers have abandoned the company since their data was stolen. Many more intend to follow.
Optus至少面临一场集体诉讼。这只是问题的开始。自从他们的数据被盗后，有10%的客户已经放弃了该公司。更多人打算如法炮制。

（恭喜读完，本篇英语词汇量728左右）
原文出自：2022年11月5日《TE》Asia版块。

精读笔记来源于：自由英语之路

本文翻译整理: Irene

本文编辑校对: Irene
仅供个人英语学习交流使用。

【补充资料】（来自于网络）
网络攻击（Cyber Attacks，也称赛博攻击）是指针对计算机信息系统、基础设施、计算机网络或个人计算机设备的，任何类型的进攻动作。对于计算机和计算机网络来说，破坏、揭露、修改、使软件或服务失去功能、在没有得到授权的情况下偷取或访问任何一计算机的数据，都会被视为于计算机和计算机网络中的攻击。

网络钓鱼（Phishing，与钓鱼的英语fishing发音相近，又名钓鱼法或钓鱼式攻击）是通过大量发送声称来自于银行或其他知名机构的欺骗性垃圾邮件，意图引诱收信人给出敏感信息（如用户名、口令、帐号 ID 、 ATM PIN 码或信用卡详细信息）的一种攻击方式。

【重点句子】（3 个）
Her phone buzzes more often with spam calls and emails these days. She was recently the target of a phishing attempt.
这些天，她的手机经常收到骚扰电话和垃圾邮件。她最近成为网络钓鱼攻击的目标。

Either way, Australians are hacked off at how much data their companies are hoarding.
无论什么原因，澳大利亚人被黑客攻击的概率取决于公司囤积了数据量。

The recent spate of breaches offers companies other reasons to bolster their defences, too.
最近一连串的泄漏事件让公司有其他动力来维护网络安全。

自由英语之路