Australian Retailer Ransomware Breach, 15 January 2024

Qilin ransomware gang has shared 37.6 gigabytes of data belonging to Victorian print music company Hal Leonard Australia

Hal Leonard given a week to pay an undisclosed sum of money for ransom

Source: Print music giant Hal Leonard Australia falls victim to Qilin ransomware | cyberdaily.au

View more incidents relating to the Retail sector, and other Victoria incident reports.

Hal Leonard Australia, a print music company, fell victim to the Qilin ransomware gang. The attackers shared 37.6 gigabytes of the company’s sensitive data, including financial documents and emails, on the dark web after Hal Leonard failed to pay the ransom.

“In a result of successful attack on this company we have captured a lot of data: private contracts, agreements, all financial documentation, projects, e-mail correspondence and much more,” a Qilin spokesperson said on the gang’s leak site. “In a case if this company won’t get in touch all data which we have will be accessible for download in a week.”

The Qilin group, which operates as a ransomware-as-a-service provider, began its activities in 20222. Despite not being widely known for a high number of attacks, it has targeted organizations globally, including several in Australia, using malware written in Rust and Golang languages.