Select Page

Incident: Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company | ABC News (Australia)

Incident: Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company | ABC News (Australia)

Australian IT Services Ransomware Attack, 05 September 2023

Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company

TissuPath, Strata Plan and Barry Plant Blackburn were all clients of Core Desktop

Source: Russian ransomware gang AlphV breaches Core Desktop, a South Melbourne IT services company | ABC News (Australia)

View more incidents from Managed Services sector, and Victorian incident reports.

This attack is one of the Australian Service Provider “Core Desktop” that was reportedly breached by the Russian cybercriminal group AlphV, which is also known as BlackCat, view the AlphV Australian Ransomware Attacks.

Core Desktop is the third-party supplier involved in last week’s TissuPath hack, which saw diagnostic and patient records posted on the dark web leak site of notorious ransomware gang LockBit.

TissuPath, Strata Plan and Barry Plant Blackburn were all clients of Core Desktop, a company based in South Melbourne which was hired to provide IT services.

The ABC has obtained a letter that Core Desktop sent to its clients which revealed it became aware of the hack on 22 August 2023.

“Our cyber forensic team do not have a firm understanding of the origins of the entry but initial suggestions are that it was from a targeted client-side phishing attack which infiltrated our control systems, impersonated privileged accounts and encrypted some servers,” the letter said.

“They appear to have acted in a focused fashion and threatened a small number of Core Desktop clients.”

Core Desktop’s managing director, Rod Bloom, confirmed his company was the victim of a cyber-attack.

“We’ve communicated with all of our clients about the attack,” he said.

“We’re not really aware of what information has been compromised … it’s not our data so we don’t know.”

Mr Bloom said the company had reported the data breach to the Office of the Australian Information Commissioner and the Australian Cyber Security Centre.

Core Desktop has since regained control of its systems after shutting down access to all affected accounts, resetting login details for administrators, resetting client passwords and hiring forensic cybersecurity specialists.

 


About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

How a notification wiped a business from social media | A Current Affair

Like most small businesses, Rebecca relies on social media for her brand. She spent years building her skincare line, even paying for ads on the platforms. But within seconds- it [...]

Key Trends in Cyber Security and Data Privacy (2026): a General Counsel lens

Cyber security and data privacy are now core governance tests - demanding clear decision-making authority, disciplined escalation and evidence … [...]

Australia’s New ADM Transparency Obligation: OAIC Signals a Broad Reading Ahead of December 2026

On 18 May 2026, the Office of the Australian Information Commissioner (OAIC) released its Issues Paper on the new automated decision-making (ADM) … [...]

Tracking pixels are one of many tracking tools that are often used by businesses to gain insights and target advertising effort across the internet … [...]

Legacy systems may be out of sight, but they're rarely risk-free. From forgotten databases to unsupported software, ageing technology gives attackers … [...]

Unfolding in real time: Artificial intelligence is reshaping cybersecurity

Key takeaways The cybersecurity capability of next-generation frontier artificial intelligence (AI) models is increasing rapidly. Large language … [...]

NSW Government Bulletin: Managing employee social media content in the public sector

Over recent years, the increase in social media activity across different platforms has facilitated opportunities for employees to comment on a broad … [...]

Australia: Pixel Perfect – The regulator addresses use of tracking pixels

On 11 June 2026, the Office of the Australian Information Commissioner (OAIC) published two determinations against Medmate Australia Pty Ltd (Medmate) … [...]

Discover how modern corporate investigations are shifting from email to chat and encrypted apps. Learn essential strategies for defensible forensic… [...]

Australian Cyber Aware - As It Was 2606 - June 2026

This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during … [...]

Key Trends in Cyber Security and Data Privacy (2026): a General Counsel lens - Governance Institute of Australia

Cyber security and data privacy are now core governance tests – demanding clear decision-making authority, disciplined escalation and evidence that … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading