Australian Manufacturing Cyber Attack, 06 Nov 2024

Western Australia – Australian engineering, construction and maintenance services company Goodline has confirmed with Cyber Daily that threat actors launched a cyber attack on its systems

600 gigabytes of data exfiltrated as a result of threat actors using company credentials to access the network.

Source: Australian engineering firm Goodline confirms RansomHub cyber attack | cyberdaily.au

View more incidents relating to the Manufacturing sector and incidents relating from Western Australia.

Australian engineering, construction and maintenance services company Goodline has confirmed with Cyber Daily that threat actors launched a cyber attack on its systems.

The incident reportedly occurred on 17 September, according to Goodline executive manager Catherine Kennedy, and was the result of threat actors using company credentials to access the network.

The company is actively investigating the breach with the assistance of cybersecurity giant CrowdStrike, which is expected to provide a comprehensive report on the incident. Despite the significant data theft, Goodline has managed to maintain operations, with some temporary disruptions. Kennedy praised the resilience of her team, mentioning how they effectively continued payroll processes manually during the system outages. Major clients, including mining giant Rio Tinto, have been notified of the incident.

RansomHub, a notorious ransomware group, has been linked to several cyberattacks targeting Australian organizations in recent months. The group initially listed Goodline on its darknet leak site on September 18, offering only minimal details about the attack. No ransom amount was specified, but a seven-day deadline was given for payment. The data taken in the attack included internal documents, financial information, and sensitive company details, though RansomHub has yet to release any of this data publicly.