Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: RansomHub publishes data stolen from Aussie interior solutions firm Nikpol

The data volume may only be six gigabytes but includes employee data such as home addresses, Tax File Numbers, and child support details.

user icon David Hollingworth
Wed, 25 Sep 2024
Exclusive: RansomHub publishes data stolen from Aussie interior solutions firm Nikpol
expand image

An affiliate of the RansomHub ransomware gang has published six gigabytes of data from Melbourne-based interior solutions supplier Nikpol overnight.

RansomHub first listed the company on its darknet leak site on 18 September in a post that listed only a brief description of the company and nothing else.

No ransom amount was listed, but the company was given a seven-day deadline to pay.

============
============

The compromised data includes internal documents and data such as Nikpol’s annual financial budgets, details of the company’s bank accounts and statements, and several tax residency declarations. Details of company credit cards are included, as are contracts with several other Australian organisations, including a Melbourne-based immigration law firm.

Unfortunately, a large amount of employee data appears to have been compromised in the ransomware attack as well.

This includes annual PAYG statements featuring the home addresses and Tax File Numbers of Nikpol’s employees, as well as their salaries. Other documents include superannuation payments and salary sacrifice arrangements, and some employees have had details of their child support payments made public.

According to Nikpol’s website, the company is a “100 per cent Australian owned and run company supplying hardware, decorative surfaces and appliances to the renovation, RV and building industries”. It has offices in Melbourne and Brisbane and employs more than 140 people.

Cyber Daily has contacted Nikpol for comment on the incident but the company has so far declined to respond.

RansomHub has become a prolific ransomware-as-a-service operation since it first emerged in February of this year. In September alone, it has already claimed 66 victims from around the world, including Australian fundraising firm BSG Australia and the Swinburne University of Technology Sarawak Campus.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.