Share this article on:
The personal data of potentially thousands of Australians has been allegedly stolen after a threat actor listed a customer database belonging to garage, office and gym equipment provider LEE.
LEE is an Australian organisation that sells garage lighting and other equipment, such as toolboxes, storage racks, and gym equipment.
On 20 September 2024, a threat actor called “joonas” claimed to be selling a database containing 210,000 records from a LEE database.
While the threat actor provided little to no information as to what data was contained or how the incident occurred, a sample of the stolen data posted with the listing suggests that names, mobile numbers, email addresses, residential addresses and other unspecified data were stolen.
It also appears that the listing hasn’t gotten much attention from other threat actors, as the listing has no public replies from other users of the popular hacking forum. However, Cyber Daily has not been able to verify if the data has been purchased by anyone. Additionally, there has been no evidence that the data has been misused.
Cyber Daily has attempted to reach out to LEE for more information or comment on the incident but has been unsuccessful.
This story is ongoing. Cyber Daily will provide an update as it continues to develop.
Australian small businesses and organisations continue to be battered by threat actors, with the Abyss ransomware gang just last week claiming to have stolen data from the Australian Nursing Home Foundation.
The Abyss ransomware gang listed the not-for-profit on its dark web leak site, claiming to have stolen 1.5 terabytes of uncompressed data.
Once again, the threat group provided little to no details of the incident other than that data will be published on 5 November.