Share this article on:
Australian aged-care agency Daughterly Care has been listed on the dark web leak site of the Rhysida ransomware gang.
Daughterly Care is a Sydney-based aged-care agency that has been providing in-home care services for over 24 years. The company said it is “trusted by over 7,100 families”.
The company was listed on the Rhysida ransomware dark web blog for a seven-day auction just days ago.
“With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” said Rhysida.
“Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”
Within the listing, Rhysida posted samples of the allegedly stolen data, which appear to include documents such as tax invoices, monthly statements, contracts and other business documents.
Within this, it appears that first and last names, confidential business data and bank account numbers could be at risk; however, Cyber Daily has been unable to verify.
Rhysida listed the data for 10 bitcoins (roughly A$930,000). At the time of writing, the auction has just over five days left.
Cyber Daily reached out to Daughterly Care for a statement on the incident, but it was unable to provide one at the time.
Just days ago, North Sydney-based Compass Group confirmed it was a victim of the Medusa ransomware gang, the second time it has been hit by a cyber attack in recent history.
The company is a wholly owned subsidiary of the UK-based Compass Group, and according to the Australian company’s website, it is “Australia’s largest food and support services company”.
Compass Group employs 13,000 people and provides food services to companies in the education, mining, and defence sectors, as well as to hospitals and aged-care facilities.
Medusa claimed to have stolen 785.5 gigabytes of data and said it would publish it after eight days if it did not receive US$2 million in ransom. It has also listed the data for sale for the same amount.
Compass confirmed it was aware of this second incident.
“The investigation is ongoing, and we are continuing to work closely with leading global cyber security experts, specialist legal counsel and regulatory authorities,” a Compass Group spokesperson told Cyber Daily on 20 September.
“Yesterday, our security measures detected unauthorised activity on a server recently brought back online. In line with our security protocols, we disabled that system and contained the threat.
“Our priority is to ensure the ongoing security and stability of our systems and to provide support to those individuals whose high-risk information has been impacted.”