Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Rhysida ransomware gang claims hack on disability support organisation Engedi

Queensland-based registered NDIS provider Engedi was hit by an alleged ransomware attack, and staff data was posted on the dark web.

user iconDavid Hollingworth
Mon, 26 Aug 2024
Exclusive: Rhysida ransomware gang claims hack on disability support org Engedi
expand image

The Rhysida ransomware operation has listed a Mackay-based disability support provider as one of its latest victims.

Rhysida published the details of the attack on 22 August on its darknet leak site, alongside documents the gang said were exfiltrated from Engedi’s network.

“With just seven days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” Rhysida said in the post, utilising its usual boilerplate copy.

============
============

“Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”

Engedi – and anyone else interested in the purchase – was given seven days to purchase the data for a sum of 10 bitcoin, which is the equivalent of about $94,000 in Australian currency at the time of writing.

The proof-of-hack documents were shared as a single lo-res photomontage, so they are difficult to make out. However, there are clearly several passport scans, several other identity documents, some form of account application, and one credit card scan.

At least one of the identity documents appears to be linked to an Engedi staff member.

Engedi offers a range of services, including group skills programs, therapy support and coordination, NDIS plan management, and individual support, and has been in operation since 1985. The not-for-profit operates out of two locations in Queensland – Engedi Support Services in Beaconsfield and Engedi Therapy Hub in Mount Pleasant.

Rhsyida – first observed in July 2023 – has claimed 14 victims so far this month, including The Washington Times and the Sumter County Sheriff’s Office in the United States. The gang has claimed 139 recorded attacks since its inception, with the vast majority of those in the United States.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.