Share this article on:
The Qilin ransomware gang has listed Victorian-based Meli as a victim on its darknet leak site. UPDATE: Meli responds to posting of stolen data online.
North Geelong-headquartered community support service Meli has confirmed via a statement on its website that it has been the victim of a cyber attack, and it is investigating the incident.
“We are currently investigating a cyber incident that has impacted our organisation,” a Meli spokesperson said in an updated security update on the not-for-profit’s site.
“As soon as we detected the incident, we took steps to secure our system. We also partnered with leading forensic specialists and cyber security advisors to investigate what has happened. Our investigation is ongoing.”
The notice comes a day after the Qilin ransomware group listed Meli on its darknet leak site, claiming to have stolen 419,617 files totalling 215 gigabytes of data. According to the gang, the attack took place on 21 August.
The gang also shared 14 screenshots of documents and scans stolen during the attack to prove the veracity of its claims. Included are financial statements, confidentiality agreements, and scans of several passports – both in and out of date – alongside a Medicare card.
Qilin has not listed a ransom amount or deadline.
In its statement, Meli noted that its client services have not been impacted, but some internal processes have.
“At this point, services to our clients continue as normal, and this remains our priority,” Meli said.
“Where necessary, some aspects of our work will revert to manual or paper-based processes.”
The organisation is currently investigating the nature of the data possibly exposed by the incident.
“Our ongoing investigation is in its early stages. We understand that you would like to know more but this incident is complex and requires specialist review and investigation,” Meli said.
“It’s important that we take the time to investigate what has happened and if any data has been impacted so that we can communicate with accuracy.”
Meli has informed Victoria Police, Victoria Health, the Australian Cyber Security Centre, and other “relevant government agencies”.
Meli was formed in 2023 during a merger between the community support services Bethany and Barwon Child, Youth & Family, which itself was formed from a merger between Glastonbury Community Services, Barwon Youth, and Time for Youth in 2015.
Meli offers family and community support, operates over 30 kindergartens in Geelong, Bellarine, Lara, Mount Duneed, and Colac, and a foster care service.
The Qilin gang had a quiet start to the month, but since 10 August, it has listed 13 victims on its leak site, including the New York Sports Club and several healthcare organisations. Qilin’s first activity was in February 2023, and it has been responsible for 143 attacks since then.
Cyber Daily has contacted Meli for comment on Qilin’s dark web post.
UPDATE 26/08/24, 3.25pm
Meli has released a further statement following Qilin's sharing of data:
Unfortunately, our ongoing investigation has identified evidence that a subset of files has been taken from this system. We are aware of a claim that this information has now been published externally by an unauthorised third party. We are urgently investigating the nature and extent of the published files.
We have also shared precautionary steps people can take to protect their personal information while our investigation continues. We will continue to keep our community informed, in accordance with our commitment to communicating with transparency and with integrity.
We have informed the Australian Cyber Security Centre (ACSC), Victorian Police, Office of the Australian Information Commissioner, Office of the Victorian Information Commissioner and relevant departments in the Victorian and Commonwealth Governments about the incident. We will continue to cooperate with law enforcement and the relevant government agencies as required.
Our important work supporting clients and the community remains our utmost priority. We thank our funders for their ongoing support and together we will continue our important role of supporting people and strengthening communities.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.