Australian Retail Ransomware Attack, 15 November 2024

The Sarcoma ransomware gang has claimed Australian office furniture supplier Micon Office National as a victim on its darknet leak site

Potentially 34 gigabytes of data exfiltrated from the company and is threatening to publish the data within 11 days.

Source: Wollongong-based Micon Office National confirms ransomware attack | Cyberdaily.au

View more incidents relating to the Retail sector and incidents relating from Ransomware.

Micon Office National, a Wollongong-based Australian office furniture supplier, has confirmed it was the latest victim of the Sarcoma ransomware gang. The group claimed responsibility for the attack, asserting that it had exfiltrated 34 gigabytes of data from the company. The stolen data reportedly includes a mix of invoices, SQL databases, and emails from an Exchange server. The gang has threatened to release the data within 11 days unless its demands are met, although the ransom amount has not been disclosed. The gang posted proof of the breach, sharing a pair of invoices and a medical letter belonging to a company employee on its darknet leak site.

Sarcoma has not listed a ransom amount but does say it has various files, SQL databases, and emails from an Exchange server. The gang shared three documents as proof of the hack, a pair of invoices, and a medical letter belonging to an employee of Micon Office National.

Micon Office National has confirmed the attack, with a spokesperson for the company telling Cyber Daily it became aware of the incident on 4 November and that it likely occurred the day before.

“We informed our security software company who has passed it on,” the spokesperson said, adding that law enforcement is aware of the incident.

Staff have been informed of the incident; however, the spokesperson said, “no client files were affected as these are managed by a Sydney software company”.