Select Page

Incident: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

Incident: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

Australian Manufacturing Ransomware Attack, 22 November 2024

Victorian based Snow Brand Australia confirms SafePay ransomware attack

Stolen 24 gigabytes, including financial data invoices, purchase orders, and details of retail partners. Also employee data, medical certificates, superannuation details, and Medicare applications.

Source: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

View more incidents relating to the Manufacturing Manufacturing sector and incidents from Victoria.

Summary

Snow Brand Australia has confirmed a recent ransomware attack by the SafePay ransomware gang, impacting some of its employee data. The attack was listed on SafePay’s darknet leak site, alongside 23 other victims. The gang, which appears to be a new operation possibly based in Russia, published an archived dataset of almost 24 gigabytes, including financial data such as invoices, purchase orders, and details of the company’s business with various retail partners. Also included are some employee data, such as medical certificates, superannuation details, and Medicare applications

Statements

A Snow Brand spokesperson stated, “Snow Brand recently experienced a cyber incident where unusual activity was detected on our network. We immediately secured our network and initiated an investigation to understand what happened, including any impact to information.”

The Australian Cyber Security Centre and the Office of the Australian Information Commissioner have been notified, and the company has communicated with individuals impacted by the data breach. The spokesperson added, “We otherwise confirm our systems are secure, and Snow Brand remains fully operational.”

Impact

The financial data could be used for BEC or fraud, customers of Snow Brand should take extra care when making payments. The more significant impact is the PII of employees’ data, especially the superannuation and Medicare details.

Attacker

SafePay is a new ransomware operation, with Snow Brand being one of its first victims. According to research by cyber security firm Huntress, SafePay only began operating within the last couple of months. The gang checks for systems using Cyrillic characters and aborts the attack if found, suggesting an Eastern European origin.

Conclusion

This incident underscores the increasing vulnerability of the global food industry to ransomware attacks. Cybercriminals have intensified their focus on critical industries, aiming to exploit operational dependencies on technology and data.

“Organizations in the food production sector must recognise that they are high-value targets for cybercriminals,” said a cybersecurity expert. “Investing in robust cybersecurity measures is no longer optional but essential for operational resilience.”

Industry Incidents

  • Incident: Four’N Twenty owner Patties Foods reportedly targeted in ‘data breach’ | Mumbrella
  • Incident: Yakult Australia targeted in cyber attack, employee files published on dark web | ABC News Australia
  •  


    About The Author

    Steven Kirby

    I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

    More Australian News

    Unfolding in real time: Artificial intelligence is reshaping cybersecurity

    Key takeaways The cybersecurity capability of next-generation frontier artificial intelligence (AI) models is increasing rapidly. Large language … [...]

    NSW Government Bulletin: Managing employee social media content in the public sector

    Over recent years, the increase in social media activity across different platforms has facilitated opportunities for employees to comment on a broad … [...]

    Australia: Pixel Perfect – The regulator addresses use of tracking pixels

    On 11 June 2026, the Office of the Australian Information Commissioner (OAIC) published two determinations against Medmate Australia Pty Ltd (Medmate) … [...]

    Discover how modern corporate investigations are shifting from email to chat and encrypted apps. Learn essential strategies for defensible forensic… [...]

    Australian Cyber Aware - As It Was 2606 - June 2026

    This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during … [...]

    Key Trends in Cyber Security and Data Privacy (2026): a General Counsel lens - Governance Institute of Australia

    Cyber security and data privacy are now core governance tests – demanding clear decision-making authority, disciplined escalation and evidence that … [...]

    OAIC ordered to turn over Amex privacy determination in full

    Australia’s privacy watchdog has been told to turn over full details of an investigation into American Express that uncovered security and access … [...]

    How to stay cyber secure: Australia’s top cyber agency releases Privileged User Training video series

    The new training series offers a pathway for IT professionals to strengthen their cyber security skills and better understand cyber criminal … [...]

    NSW Rural Fire Service admits security incident

    The NSW Rural Fire Service (RFS) is investigating a cybersecurity incident after a hacker gained access to its information and communications … [...]

    Scams surge as cybercrime falls

    Cybercrime declined in Australia last year, but fraud and scams bucked the trend and victims have given up complaining, the Australian Institute of … [...]

    Generation Life confirms customers impacted in April cyber incident

    Aussie investment firm Generation Life has confirmed that customer data was impacted in a cyber attack it suffered back in April. • Fri, 26 Jun 2026 • … [...]

    In wake of KPMG scandal, government considers splitting accounting firms' auditing and consulting arms

    Accounting firms could be asked to split their lucrative consulting services from their audit functions and individual firm partners could face far … [...]

    Shares
    Share This

    Discover more from Australian Cyber Aware

    Subscribe now to keep reading and get access to the full archive.

    Continue reading