Exclusive: Australian fibre installation firm allegedly breached by INC Ransom

Infamous ransomware gang INC Ransom has claimed a cyber attack on an Australian fibre network design and installation firm.

Expert Data Cabling (EDC) is a South Australia-based firm that designs and installs fibre networks and builds data, electrical and standby power generation systems.

On 18 March 2025, INC Ransom listed the organisation on its dark web leak site, claiming to have encrypted and exfiltrated data.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

While it did not specify how much data it stole, it posted alleged proof of the breach, which contains scans of driver’s licenses, contractor’s licenses, training accreditations, building maps, contracts, contractor information, employee references, supplier details, insurance information and more.

Within this is personal data, including names, phone numbers, emails, addresses, email addresses, company names of third parties, positions, ABNs, and much more.

INC Ransom has yet to set a time for the publication of the data or publicly disclosed communications with the alleged victim or a requested ransom,

Cyber Daily has reached out to EDC for comment on the incident.

VIEW ALL

Since its birth in August 2023, INC Ransom has become notorious, having listed 271 organisations.

As displayed in the alleged EDC cyber incident, the group deploys double-extortion techniques by both stealing and encrypting data and is known for using spear phishing techniques to access victim networks.

Only a week prior to EDC being listed, INC Ransom listed Victoria-based Sitro Group Australia as a victim on its dark web leak site.

The outdoor leisure wholesaler and distributor was listed in a leak post on 10 March. INC Ransom also published three documents as evidence of the hack’s success.

The documents include a file listing of data backups, a non-disclosure agreement between the Sitro Group Australia and a Chinese manufacturer, and what appears to be a customer database.

INC Ransom did not list a date of publication, nor its ransom demand. It did, however, claim to have encrypted the data it had stolen.

Cyber Daily has also reached out to Sitro Group Australia for comment on the alleged incident but has yet to receive a response.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

Exclusive: Australian fibre installation firm allegedly breached by INC Ransom

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED