The cybercriminals stole hundreds of unique usernames and passwords in one hacking incident in April 2022.

It’s the first time Australia has led the charge to identify a notorious group, tracked as APT40, which has acted behalf on the People’s Republic of China’s Ministry of State Security.

According to a report on APT40 released on Tuesday, the hackers were found to prefer exploiting “vulnerable, public-facing infrastructure” through phishing campaigns and illegally obtaining passwords and other credentials.

As well as Australia, Five Eyes intelligence alliance members (Canada, New Zealand, the US and the UK) plus Germany and in a historic first, the Republic of Korea and Japan helped author the report.

Home Affairs and Cyber Security Minister Clare O’Neil said cyber intrusions from foreign governments were one of the “most significant threats” Australia faced.

“Every day our intelligence agencies work tirelessly to identify and disrupt these actors,” she said.

“We often face the same cyber threats and through advisories like these we can pool our collective knowledge and reach the greatest possible audience.”

Foreign Minister Penny Wong said the operation strengthened Australia’s position and influence on the global stage.

“The Albanese government is increasing Australia’s diplomatic, economic and defence engagement with Japan and Korea, as well as with Southeast Asia, with India, with the Quad and through AUKUS,” she said.