Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A Melbourne-based skincare manufacturer has confirmed it suffered a cyber incident after it was listed on the dark web leak site of infamous threat group RansomHub.
Baxter Laboratories provides supplies for pharmaceutical products, skincare and sunscreen, with offerings including warehousing, distribution, research and development, manufacturing, filling, regulatory services and more.
RansomHub listed Baxter Laboratories on its dark web leak site last week, claiming to have exfiltrated 40 gigabytes of data.
While not commenting on the data that was allegedly stolen, RansomHub has set a countdown timer for the publication of the data, which at the time of writing has seven days and nine hours remaining.
Responding to Cyber Daily’s request for comment, Baxter Laboratories confirmed the cyber incident and said it was investigating RansomHub’s claims.
“Baxter Laboratories experienced a cyber event when an unauthorised third party accessed and encrypted a part of our IT systems. As soon as we became aware, we immediately engaged experts to provide us advice. Our team was able to quickly contain the incident,” said the statement.
“Baxter Laboratories is aware of an allegation on the dark web that some of our data was stolen by the unauthorised third party as part of the incident. Since then, we have been working with experts to urgently investigate these allegations. This investigation is ongoing.
“Baxter Laboratories is taking the matter and allegations seriously.
“We apologise for any concern this incident may have caused and will keep our stakeholders updated on our investigation.”
Australian organisations have been victims of RansomHub before, which is quickly becoming one of the most notorious ransomware operations active at the moment.
Last month, the group published the data of coaling mining equipment supplier Bis Industries as a victim on its darknet leak site.
The initial leak post was published on 17 February and has been viewed 7.268 times since then, according to a ticker on RansomHub’s leak site. The full data has since been published, of which the group claimed to have 502 gigabytes.
Bis Industries confirmed at the time that it is investigating a cyber security incident that it first detected last year.
“Bis Industries experienced a ransomware incident in December 2024 when an unauthorised third party accessed and encrypted a part of our IT systems,” a Bis Industries spokesperson told Cyber Daily.
“As soon as we became aware, we immediately engaged leading cyber experts to provide us advice. Our cyber experts were able to quickly contain the incident and restore our systems, with little impact to our operations.”
Bis is also aware of RansomHub’s claims and is actively investigating the gang’s allegations.
“Recently, Bis was made aware of an allegation on the dark web that some of our data was stolen by the unauthorised third party as part of the incident. Since then, Bis has been working with its cyber experts to urgently investigate these allegations,” the spokesperson said.
Be the first to hear the latest developments in the cyber industry.
