Share this article on:
Kingsley-based TPG Aged Care has been listed as a victim on LockBit’s leak site, and several internal documents with personal details of elderly clients have already been published.
An affiliate of the LockBit ransomware gang is claiming to have successfully hacked West Australian aged-care provider TPG Aged Care and has shared several documents as evidence of the ransomware attack.
TPG Aged Care was listed on the gang’s darknet leak site between 3 and 7 October, and LockBit claimed to have stolen 65 gigabytes of data.
“Today we are posting here the new company, ‘TPG Aged Care’,” the listing said, before going on to describe the victim and share some contact details of the aged care provider.
“Below you can find some screenshots just as an illustration of the type of Data that was downloaded.
“When the timer finishes counting down you can find the links with all downloaded sensitive Data in this post.”
The ransom deadline is listed as 24 October, though no ransom figure is provided.
The evidentiary screenshots include several internal documents, most of which are redacted to remove any personally identifiable information (PII). This is an unusual move for a ransomware operator; they’re usually happy to share personal data at this stage of a ransom negotiation, but it’s possible LockBit or its affiliate are aware that sharing details of elderly individuals is a moral stretch too far even for them and are giving the victim every opportunity to pay without disclosing too much PII.
Regardless, the documents include client care reviews with TPG Aged Care letterheads, insurance documents, home care assessments, service plan details, and a scan of a driver’s licence.
Cyber Daily has contacted TPG Aged Care for comment but has yet to receive a response.
TPG Aged Care is one of two victims listed since a recent round of arrests carried out as part of Operation Cronos, an international law enforcement effort to curtail the gang’s criminal activity. Four arrests were announced last week, including two LockBit affiliates, a developer, and the administrator of the gang’s hosting service.
While LockBit does appear to be slowing down in its activity, its leak site remains active and it is continuing – for now – to claim new victims.
TPG Aged Care was established in 1998 and provides a range of aged-care services, including respite care, home and garden maintenance, and nursing care. According to its website, TPG Aged Care is also “one of the largest veterans home care service providers in Perth”.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.