Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Victorian firm Kempe Engineering listed on RansomHub leak site

The ransomware gang claims to have stolen four terabytes of data, including customer and staff information.

user icon David Hollingworth
Thu, 08 Aug 2024
Exclusive: Victorian firm Kempe Engineering listed on RansomHub leak site
expand image

The RansomHub ransomware gang has listed a Geelong-based specialist engineering firm as a victim on its darknet leak site.

The gang made the post overnight on 7 August, and it claims to have exfiltrated four terabytes of data from the company.

“We have successfully exfiltrated approximately 4TB of sensitive data, including financial records, customer data, all internal mail and proprietary business information,” a RansomHub spokesperson said.

============
============

The company currently has seven days to pay an unspecified ransom, and the gang shared several internal documents in an attempt to prove the veracity of their claim.

One is an Excel file called Employee Personal Details Schedule, which contains a list of nearly 100 of Kempe’s workers. The file includes home and mobile phone numbers, home addresses, dates of birth, and personal email addresses.

The spreadsheet also includes the names and contact details of each employee’s emergency contact, as well as information regarding statutory declarations and flu shot details.

Another document is an ANZ Payment and Cash Management Request form, while another is a life insurance statement belonging to one of the company’s senior employees.

“Information will be updated,” RansomHub said.

Kempe did not respond to Cyber Daily when asked to comment on the ransomware gang’s claims.

Kempe Engineering works in a wide range of sectors, including recycling, oil and gas, power generation, and rail engineering. The company has offices across Australia and China, and according to its LinkedIn page, it has between 201 and 500 employees.

RansomHub – first seen this year in February – has already had a busy August and has listed 11 victims on its darknet leak site so far this month. Its most recent Australian victim was another engineering firm, McDowall Affleck, which confirmed it had fallen victim to the gang last week after a 24 July cyber attack.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.