iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Sarcoma ransomware gang claims another Australian scalp with staff passports and confidential agreements already published online.
Australian produce firm Perfection Fresh has been listed on the Sarcoma ransomware group’s dark web leak site overnight, making it one of three Australian victims listed in the span of 24 hours.
Sarcoma claims to have stolen 690 gigabytes of data, which it lists as “Files, SQL” in its 10 October leak post.
The ransomware gang has not shared its ransom demand publicly but has published several files to prove the success of the hack.
Included in the proof of hack are numerous passport scans, both valid and expired, of what appear to be Perfection Fresh employees from several countries.
Other documents include confidentiality agreements with Perfection Fresh’s clients and suppliers.
Perfection Fresh has confirmed the incident.
“Following a recent cyber incident, a third party has named Perfection Fresh online alongside a small sample of files,” a Perfection Fresh spokesperson told Cyber Daily.
“Perfection Fresh has informed our stakeholders of this development and obtained an injunction to prevent any access, dissemination, or publication of data disclosed by any third party. Any attempt to access this data would be in contravention of this court order.
“We recommend our stakeholders remain vigilant against the potential risk of receiving phishing or other scam communications from any parties claiming to be from Perfection Fresh. Please do not respond to any email, telephone or text messages that seem suspicious, and report it to ([email protected]).
Perfection Fresh has informed the Australian Cyber Security Centre and the Office of the Australian Information Commissioner and is working with the relevant authorities.
“We understand this news may cause concern, and we want to thank our stakeholders for their ongoing support throughout our incident response,” Perfection Fresh said.
Perfection Fresh describes itself as “one of Australia’s largest privately owned fresh produce businesses” and is headquartered in Homebush, NSW, but has offices in Western Australia, South Australia, and Queensland.
The company has more than 1,000 employees and grows a wide range of fruits and vegetables for sale across Australia.
Who is Sarcoma?
For now, little is known about the Sarcoma operation – it appeared overnight with 30 victims listed and claiming to have exfiltrated more than five terabytes of data between them. Three Australian victims were listed, one of whom was the Sydney-based The Plastic Bag Company, alongside one New Zealand victim.
Cyber Daily is investigating all of the ANZ claims.
Like many ransomware operators, Sarcoma describes itself in flattering terms.
“Today, more and more information is stored on digital media. Companies that store sensitive information on their servers must take a responsible attitude to security,” Sarcoma said on its About Us page.
“Our mission is to show the world how important it is to keep data safe. If you see your company on our website, it means that security was low.
“We invite access brokers, interested parties, aggrieved employees of companies to co-operate. Together we can be stronger and richer.
“We know how to make our cooperation profitable and safe.”
UPDATED 10/10/24 to comply with legal request
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
