Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Super Gardens employee medical data leaked on dark web

Following an alleged ransomware attack earlier this month, the DragonForce ransomware gang has published a trove of sensitive employee data.

user icon David Hollingworth
Tue, 09 Jul 2024
Exclusive: Super Gardens employee medical data leaked on dark web
expand image

A Victorian landscaping firm has suffered a data breach following an alleged ransomware attack earlier this month, with the personal data of hundreds of its employees posted to the dark web this week.

The DragonForce ransomware gang claimed to have stolen 120.1 gigabytes of the company’s data on 1 July and posted a ransom deadline of around six days.

The data includes a large amount of internal documents such as training regimes, invoices, and details of dangerous chemicals and materials used in Super Gardens’ regular landscaping operations.

============
============

However, the data also features numerous folders and documents relating to human resources and the company’s employees. Included are sensitive documents such as medical checks and medical treatment reports, pre-employment and police checks, and names, addresses, and other personally identifiable information. Some driver’s licence scans and tax file number declarations are included in the data.

The leaked personal data belongs to about 300 Super Gardens casual and full-time employees and apprentices.

Many of the files also relate to “incidents & injuries” that occurred while attending to many of Super Gardens’ clients. These include injury details, incidents of property damage, and workers’ compensation claims.

There are also many thousands of documents relating to Super Gardens’ clients, including the Melbourne Racing Club, La Trobe University, and Melbourne Airport, to name just a few.

A total of 107,120 files were leaked as part of the incident.

Super Gardens has not responded to Cyber Daily’s request for comment on its response to the incident.

DragonForce has claimed several victims in the region recently, including Elite Fitness in New Zealand and Sydney’s Aussizz Group immigration consultancy.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.