Share this article on:
The Meow ransomware gang has listed All Parks Insurance as a victim on its leak site and posted several policy documents and employee data as proof of hack.
A specialist underwriting agency focused on providing insurance policies to the owners of caravan parks is allegedly the latest Australian victim of a ransomware attack this month.
All Parks Insurance, based in Wyong in NSW, was listed on the Meow ransomware gang’s dark web leak site overnight, with the gang claiming to have stolen 90 gigabytes of data.
According to Meow, the data includes employee data, client information, scanned payment documents, personal data, including dates of birth, driver’s licence scans, and financial records.
“These records provide in-depth insights into the companys [sic] operations and insurance processes, making them valuable for analysts, competitors, and professionals in the insurance and tourism sectors,” Meow said, using a slightly customised version of its usual sales pitch.
The gang also shared several stolen documents as evidence of the hack. These include policy details for several of All Parks’ clients, a list of commission prepayments with the details of dozens of caravan parks, Greenslip policy details, and tax file number declaration form.
Rather than making a ransom demand, Meow is simply selling the data outright.
“To gain access to this exclusive dataset, simply click the Buy button and complete the registration process,” Meow said. “Our team will promptly reach out to ensure a smooth and confidential transaction.”
The data is available to a single buyer for US$20,000 or to several for US$10,000. Clicking the buy link lets you share your Telegram – there it is again, Telegram being used for criminal purposes; what a shock – Jabber, Tox, or Matrix username, and the cyber criminals will, as they say, reach out.
All Parks Insurance is a relatively small company, with only three employees, but it’s affiliated with a number of other organisations, including BIG4 Holiday Parks, the Caravan & Camping Industry Association of NSW, and the Victorian Caravan Parks Association.
Cyber Daily has reached out to All Parks Insurance for comment, but the company has not responded.
The Meow ransomware operation claimed its first victim in November 2023, and since then has listed 69 victims on its leak site, including 23 so far in August. All Parks Insurance is its first Australian victim, though the gang did list New Zealand-based IT support firm Banx as a victim earlier this month.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.