Select Page

Incident: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

Posted by | Nov 22, 2024 | , , , , , , | 0 |

Incident: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

Australian Manufacturing Ransomware Attack, 22 November 2024

Victorian based Snow Brand Australia confirms SafePay ransomware attack

Stolen 24 gigabytes, including financial data invoices, purchase orders, and details of retail partners. Also employee data, medical certificates, superannuation details, and Medicare applications.

Source: Snow Brand Australia confirms SafePay ransomware attack | Cyberdaily.au

View more incidents relating to the Manufacturing Manufacturing sector and incidents from Victoria.

Summary

Snow Brand Australia has confirmed a recent ransomware attack by the SafePay ransomware gang, impacting some of its employee data. The attack was listed on SafePay’s darknet leak site, alongside 23 other victims. The gang, which appears to be a new operation possibly based in Russia, published an archived dataset of almost 24 gigabytes, including financial data such as invoices, purchase orders, and details of the company’s business with various retail partners. Also included are some employee data, such as medical certificates, superannuation details, and Medicare applications

Statements

A Snow Brand spokesperson stated, “Snow Brand recently experienced a cyber incident where unusual activity was detected on our network. We immediately secured our network and initiated an investigation to understand what happened, including any impact to information.”

The Australian Cyber Security Centre and the Office of the Australian Information Commissioner have been notified, and the company has communicated with individuals impacted by the data breach. The spokesperson added, “We otherwise confirm our systems are secure, and Snow Brand remains fully operational.”

Impact

The financial data could be used for BEC or fraud, customers of Snow Brand should take extra care when making payments. The more significant impact is the PII of employees’ data, especially the superannuation and Medicare details.

Attacker

SafePay is a new ransomware operation, with Snow Brand being one of its first victims. According to research by cyber security firm Huntress, SafePay only began operating within the last couple of months. The gang checks for systems using Cyrillic characters and aborts the attack if found, suggesting an Eastern European origin.

Conclusion

This incident underscores the increasing vulnerability of the global food industry to ransomware attacks. Cybercriminals have intensified their focus on critical industries, aiming to exploit operational dependencies on technology and data.

“Organizations in the food production sector must recognise that they are high-value targets for cybercriminals,” said a cybersecurity expert. “Investing in robust cybersecurity measures is no longer optional but essential for operational resilience.”

Industry Incidents

  • Incident: Four’N Twenty owner Patties Foods reportedly targeted in ‘data breach’ | Mumbrella
  • Incident: Yakult Australia targeted in cyber attack, employee files published on dark web | ABC News Australia

    •  

    Rate:

    About The Author

    Steven Kirby

    I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

    Related Posts

    Incident: Orchard worker recruiter exposed sensitive personal data | iTnews

    Incident: Orchard worker recruiter exposed sensitive personal data | iTnews

    October 29, 2020

    Incident: Vengeful retrenched employee allegedly took BlueScope top trade secrets with her | Stuff.co.nz

    Incident: Vengeful retrenched employee allegedly took BlueScope top trade secrets with her | Stuff.co.nz

    January 9, 2016

    Incident: RansomHub claims 700GB stolen from Australian retail design company | cyberdaily.au

    Incident: RansomHub claims 700GB stolen from Australian retail design company | cyberdaily.au

    April 30, 2024

    Incident: 300GB allegedly stolen from Australian immigration consultancy – cyberdaily.au

    Incident: 300GB allegedly stolen from Australian immigration consultancy – cyberdaily.au

    April 8, 2024

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

    More Australian News

    Alert! National Anti-Scam Centre, ASIC warn Aussies of fake crypto trading platforms
    Alert! National Anti-Scam Centre, ASIC warn Aussies of fake crypto trading platforms

    Scammers are advertising crypto trading websites filled with fake data to share trading message groups – and taking victims’ money right now. • Mon, … [...]

    Exclusive: Victorian regional newspaper allegedly hacked by ransomware group
    Exclusive: Victorian regional newspaper allegedly hacked by ransomware group

    The Adviser, a media outlet based in Shepparton, has been hit by a potential 350-plus gigabyte data breach. • Mon, 25 May 2026 • Security *]:clear-none … [...]

    State Library of NSW responding to April cyber intrusion
    State Library of NSW responding to April cyber intrusion

    Library services remain offline following “suspicious activity in our catalogue”; services are expected to be back online by the end of the month. • … [...]

    Directors told to stop admiring the AI problem and start governing it - AICD
    Directors told to stop admiring the AI problem and start governing it - AICD

    Directors told to stop admiring the AI problem and start governing it Friday, 15 May 2026 Brisbane played host to the AICDs’ Tech Governance Forum last … [...]

    Student hackers take on 'ethical battle' beyond cyber attacks and exploits
    Student hackers take on 'ethical battle' beyond cyber attacks and exploits

    When more than 100 hackers meet in a room, it might be a good idea to update your password. But these cybersecurity sleuths have gathered for a good … [...]

    How Australia's ASIC v FIIG decision supports your cyber investment business case
    How Australia's ASIC v FIIG decision supports your cyber investment business case

    What you need to know First AFSL cyber penalty: FIIG's $2.5 million penalty is the first cyber security penalty under general financial services … [...]

    APRA and ASIC Sound the AI Alarm for Boards and Executives
    APRA and ASIC Sound the AI Alarm for Boards and Executives

    What you need to know APRA and ASIC have sent powerful messages to regulated entities regarding AI, cyber security and operational resilience in … [...]

    Exclusive: INC Ransom claims cyber attack on Australian engineering service company
    Exclusive: INC Ransom claims cyber attack on Australian engineering service company

    Threat actors have claimed a cyber attack on an Australian engineering solutions company and are threatening to publish data they allegedly … [...]

    Exclusive: Major cleaning and facility services firm confirms third-party cyber incident
    Exclusive: Major cleaning and facility services firm confirms third-party cyber incident

    Major private cleaning and facility services firm Menzies Group has confirmed a cyber incident that occurred after a third-party IT provider was … [...]

    Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims
    Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims

    A Sydney-based vocational college has found no evidence of compromised student data after being listed on the leak site of a prolific hacking group. • … [...]

    Victorian bulk porting scammer gets over two years in prison
    Victorian bulk porting scammer gets over two years in prison

    A 35-year-old man from Lynbrook, south-east Melbourne, has received a prison sentence of two years and two months, with a 12-month non-parole period, … [...]

    NSW cyber cops bust alleged bullion-buying BEC bandits
    NSW cyber cops bust alleged bullion-buying BEC bandits

    NSW Police have charged three people over an alleged $600,000 business email compromise (BEC) scam operation, after detectives caught a young woman … [...]

    Shares
    Share This

    Discover more from Australian Cyber Aware

    Subscribe now to keep reading and get access to the full archive.

    Continue reading