Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily.

Subscribe to our Newsletter

Powered by MOMENTUM MEDIA
Breaking news and updates daily. Subscribe to our Newsletter
facebook linkedin X Instagram youtube

Explore

SECTIONS

MORE

search button

Exclusive: Herron Todd White says new ransomware claim is the same dataset

For the second time this year, threat actors have claimed a cyber attack on Australian property valuation firm Herron Todd White.

user icon Daniel Croft
Fri, 15 Nov 2024 Security
Exclusive: Herron Todd White says new ransomware claim is the same dataset
expand image

On 27 April, the BlackSuit ransomware gang claimed the Aussie scalp, posting details of the data exfiltrated to its darknet leak site.

“Data 279g – just paperwork, no trash,” a gang spokesperson said.

“20g sql_DB – customer and transaction databases.”

============
============

Now, the Meow Leaks ransomware gang has listed the Australian company on its site.

The threat group provided no details of the incident or what data was stolen but set prices for the purchase of the data.

However, speaking with Cyber Daily, Herron Todd White has said that the new incident appears to be a case of data duplication.

“We are aware of a claim made online by an unauthorised third party regarding our business,” Herron Todd White told Cyber Daily.

“We have ongoing cyber security monitoring in place and our investigation has provided no evidence that any unauthorised third party has accessed our systems, and this does not represent a new incident or compromise of our systems.

Cyber Daily logo
VIEW ALL

“Based on the nature of the claim and the data involved, the advice we have received from our external cyber security experts is that this is the same data set that was the subject of a cyber incident experienced in April 2024. At the time, we notified the regulator, affected individuals, and our customers, in line with our obligations.

Despite the incident likely being a case of data duplication, Herron Todd White has said that it has begun sending out notifications regarding the latest incident.

“We are communicating with our staff, our customers and our stakeholders and will continue to maintain a proactive approach to monitoring and security with the assistance of external experts. If there is any reason to communicate further, we will update all our stakeholders as quickly as possible,” it said.

Cyber Daily will provide an update on this story as it develops.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.
CD Logo

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED

Be the first to hear the latest developments in the cyber industry.

momentummedia media
most innovative companies awards

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

CATEGORIES

STAY CONNECTED

Copyright © 2024 MOMENTUMMEDIA