Share this article on:
Infamous ransomware actors claim to have stolen a massive amount of data from an Australian retail design company.
RansomHub, the threat actor behind the recent UnitedHealth/Change Healthcare breach, said it has breached the systems of Sydney-based Design Intoto, a retail design company with major clients such as Coca-Cola, Tefal, KFC, Vodafone and more.
“We have been in your network for a long time and have had time to analyze your business. We have found many interesting documents, the publication of which will destroy your business and reputation,” said RansomHub.
“We have also stolen more than 700 GB of your confidential data and offer to make a deal that will satisfy both parties.
“If you ignore or refuse the deal, we will be forced to release all your data to the public.”
🔴 #CyberAttack Alert 🔴
— HackManac (@H4ckManac) April 25, 2024
🇦🇺 #Australia: Design Intoto has reportedly been compromised by the RansomHub ransomware group.
The group allegedly exfiltrated 700 GB of data.#Ransomware pic.twitter.com/9CRBYptAks
Additionally, RansomHub placed a countdown timer on the listing for the public release of the allegedly stolen data, which, at the time of writing, had roughly 10 hours left.
In classic RansomHub fashion, the threat actors also attempted to scare Design Intoto into meeting its terms, saying that its clients will see how the company “neglected their personal information” and will take them to court with a foolproof plan, as well as the notion that the story will gain major media coverage.
It also called out Deep Instinct, an AI-powered cyber security platform that became involved in assisting Design Intoto through an Managed Security Service Provider (MSSP) after the breach had occured.
“We still have access to your network and Deep Instinct Inc has not helped you in this matter and is unlikely to help you with data recovery and the upcoming publication of your data leak. Again, you can only resolve this issue by chatting with us,” it added.
Additionally, Deep Instinct stressed that Design Intoto was not one of its customers, and that its own systems were not breached.
“Design Intoto is not a Deep Instinct customer. We were deployed post-breach by an MSSP partner as part of the remediation process; our software was not bypassed," said Deep Instinct.
Despite the short deadline for data publication, Design Intoto is yet to issue a statement or any comment on the incident. Cyber Daily has reached out to the company for comment.