You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Exclusive: Sarcoma ransomware gang claims hack of The ToolShed

New Zealand hardware chain impacted by alleged 160-gigabyte data breach, employee passports compromised.

Exclusive: Sarcoma ransomware gang claims hack of The ToolShed
expand image

The Sarcoma ransomware operation has listed the Kiwi hardware chain The ToolShed as a victim on its darknet leak site, claiming to have stolen 160 gigabytes of data.

The leak post was made on 4 April and the hackers are planning to publish the data within five days as of the time of writing.

Sarcoma has not listed a ransom demand, but the gang has shared several documents allegedly stolen during the attack, which include financial documents and scans of several New Zealand passports that appear to belong to employees of The ToolShed.

Cyber Daily has contacted The ToolShed for comment but has yet to receive a response.

Sarcoma is a relatively new ransomware outfit, having first been observed in October 2024. Despite that, according to Rapid7’s principal threat analyst Matt Green, the gang is “rapidly gaining attention with the public posting of multiple victims on its leak site”.

“Sarcoma employs a double-extortion strategy, combining ransomware encryption with data exfiltration to pressure organisations into paying ransom,” Green said.

Security analysts believe Sarcoma is based somewhere in eastern Europe and that it may have links to another, pre-existing group operating in the same region. Sarcoma’s previous victims in the ANZ region include ADT Freight Services and Micon Office International, which were both listed on the gang’s website in November 2024. The gang has claimed a total of 85 victims since it first formed.

The ToolShed is a supplier of a broad range of hardware brands as well as its own home brand of tools. It operates more than 25 storefronts in both the North and South Islands.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.