Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Aussie engineering firm confirms RansomHub ransomware attack

Nearly 500 gigabytes of data was allegedly stolen in a ransomware attack on West Australian firm McDowall Affleck.

user icon David Hollingworth
Fri, 02 Aug 2024
Exclusive: Aussie engineering firm confirms RansomHub ransomware attack
expand image

Australian engineering firm McDowall Affleck has confirmed it is the victim of a ransomware attack after it was listed on RansomHub’s darknet leak site.

The ransomware gang posted the details of the hack overnight on 1 August, saying that the initial hack took place last month.

“On July 24th, the company McDowall Affleck was attacked. The company’s network was encrypted, and confidential data was extracted,” a RansomHub spokesperson said in the leak post.

============
============

“A total of 470 gigabytes of data was uploaded to our server, including: all blueprints and documents related to past and current projects, quota documents, insurance documents, tender and contract documents, client and partner information, personal information of employees, and much more.

“The company’s director, Stephen Connell, was personally notified several times with details about the incident and was informed that if he did not pay us, all the data would be published on our blog.”

No evidence of the hack was shared, though RansomHub did share the contact details of Connell and another employee. The gang also called out McDowall Affleck’s alleged insurance company.

McDowall Affleck confirmed the incident when contacted by Cyber Daily.

“McDowall Affleck recently experienced a cyber incident. As soon as we detected the incident, we took steps to secure our system. We also engaged forensic experts to investigate what [had] happened. Our system is secure and operational,” a spokesperson from McDowall Affleck said in a statement.

“We are aware of an online claim relating to McDowall Affleck. We are continuing to investigate the veracity of this claim.

“The protection of our employees and clients’ information is our upmost priority. We have communicated with all employees and clients and provided steps that they can take to protect their information.”

McDowall Affleck added that it has informed the Australian Cyber Security Centre and Western Australia Police Force and will work with law enforcement on any investigation.

“We are committed to communicating with our employees and clients as soon as we have relevant information to share,” the spokesperson said.

“We apologise for any concern that notification of this incident has caused.”

McDowall Affleck is an engineering firm with a global client base, according to its website. Its clients include Lendlease, Hitachi, and state government agency DevelopmentWA.

First seen in February 2024, RansomHub has become a prolific operator in the scene. While McDowall Affleck was only the gang’s second victim, after retail design firm Intoto in April, RansomHub has listed 146 victims on its leak site, with five other victims already in August alone.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.