Incident: Ransomware group KillSec claims hack on Clubfit Software | Cyberdaily.au
Australian Ransomware Attack, 4 December 2024
Queensland: Ransomware group KillSec claims hack on gym management software provider Brisbane-based Clubfit Software.
Stolen data, approximately 200 gigabytes, includes sensitive information such as gym membership agreements with customer details.
Source: Ransomware group KillSec claims hack on Clubfit Software | Cyberdaily.au
View more incidents relating to the Services sector and incidents from Queensland.
The KillSec ransomware gang is claiming a potentially massive data breach affecting Clubfit Software, an Brisbane gym management software provider, with implications for hundreds of fitness facilities across the country.
KillSec, a hacktivist group known for its ransomware activities, has claimed responsibility for the attack on ClubFit. The group has listed ClubFit on its darknet leak site, asserting that they have exfiltrated a substantial amount of data. An initial leak of 1% of the stolen data, approximately 200 gigabytes, includes sensitive information such as gym membership agreements with customer details. KillSec has not specified a ransom amount but has suggested that the company can pay for data deletion. The group has also released a list of ClubFit’s clients, including 694 gyms and fitness centers, and has begun contacting them to warn of further data exposure.
The gang also shared several files as evidence of their alleged activity, including several gym membership agreements with customer names, addresses, phone numbers, emails, and emergency contact numbers. Many of the documents also appear to include signatures.
Clubfit Software has not yet publicly responded to the incident. The ransomware gang has begun contacting Clubfit’s clients directly and has threatened to publish all stolen data on their blog, escalating the pressure on the affected businesses.
