Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Medusa claims hack of Aussie fuel distributor North Coast Petroleum

The ransomware gang claims to have 71.5 gigabytes of data, including invoices, driver’s licence scans, passport details, and creditor bank account details.

user icon David Hollingworth
Tue, 25 Jun 2024
Exclusive: Medusa claims hack of Aussie fuel distributor North Coast Petroleum
expand image

The Medusa ransomware gang has claimed another Australian victim, this time the Lismore-based fuel distributor North Coast Petroleum.

The gang posted details of the hack on its dark web leak site on 24 June, saying it had 71.5 gigabytes of stolen data.

The post includes a countdown to when the data will be published, which is just over eight days away. Medusa is demanding a US$150,000 ransom, though anyone else interested in the data can purchase it for the same price.

============
============

Medusa also posted dozens of documents as evidence of the hack. Most of the data consists of invoices and dangerous goods manifests, but other documents include a passport, driver’s licence, and credit card scans, all belonging to one individual, as well as employee information forms complete with emergency contact information. This includes names, addresses, and phone numbers.

Another document, labelled “creditor payments”, lists the BSB and bank account details of dozens of North Coast Petroleum’s customers, including Schweppes Australia, Soda Stream, Repco, and Frucor Beverages, most famous for the energy drink V.

According to North Coast Petroleum’s website, the company services an area “extending into Central Queensland to the north, and beyond Brewarrina in the west and Morisset in the south of New South Wales”.

“We supply to a wide range of customers across retail, commercial, industrial and rural operations. From refuelling the smaller farm tank up to the large capacity underground tanks necessary to keep your fleet of vehicles on the go – we’ve got it covered. We also supply refuelling and storage equipment,” the company’s website said.

Cyber Daily has been in contact with North Coast Petroleum but has not received a reply regarding the company’s response to the incident.

The Medusa ransomware gang’s most recent Australian victim was the Victoria Racing Club. Medusa claimed the VRC as a scalp on 15 June, when it published a tranche of data relating to the club’s racing and gambling operations as evidence of the hack.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.