Hackers claim to have stolen passport and driver’s licence scans and other personal information from Australian organic goods producer.
The Medusa ransomware operation has listed Australian manufacturer Natures Organics as a victim on its darknet leak site.
The gang claims to have stolen 142.85 gigabytes of data. Medusa also shared a file listing, which amounts to more than 47,000 lines of data.
Medusa also published several documents and files by way of evidence of the hack, including passport and driver’s licence scans belonging to employees, bank account transaction histories, confidentiality agreements, internal communications, and employee payslips.
The data will be published within eight days or can be bought outright for US$150,000. Medusa has said the data can also be deleted for the same amount or the ransom deadline extended for US$10,000.
Natures Organics has confirmed it is aware of the incident, which it first learned of on January 30.
“We have notified the relevant parties (including staff and government authorities),” a Natures Organics spokesperson told Cyber Daily.
“Our clients have not been impacted by this breach.”
The spokesperson also said that Natures Organics had “taken the appropriate action” following the incident.
Shannon Sedgwick, partner, national cyber security practice, at MinterEllison Consulting, shared some threat intelligence concerning Medusa following a recent attack on an Australian company, the North Sydney-based Compass Group, in September 2024.
“Medusa is a ransomware-as-a-service (RaaS) group that employs living-off-the-land techniques by using legitimate software tools for malicious purposes, which are difficult to detect when viewed alongside regular network traffic because it mimics normal behaviour,” Sedgwick told Cyber Daily.
“Medusa are adept at evading detection by security teams and maintaining persistence in victim networks post-discovery by using remote management and monitoring tools to remotely execute a payload and install vulnerable drivers to impair defences by shutting down the likes of Microsoft Defender. They also move laterally across networks by modifying registry keys and creating scheduled tasks.”
The gang’s most recent Australian victim was Ardex Australia, which was listed by Medusa on January 31.
Natures Organics produces a range of popular sustainable goods brands, including Earth Choice, My Soda, Purity, and Funtime, and its retail partners include Coles and Chemist Warehouse. The company also supports several overseas NGOs, including the School of St Jude in Tanzania and the Cambodian Children’s Fund.
The company employs more than 140 team members in Australia across its office, field, and manufacturing teams.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.