Share this article on:
LockBit 3.0 continues its ransomware spree, this time publishing data from a compromised system belonging to Seasons Darling Harbour, part of the Seasons Apartment Hotel Group.
The company had been given an apparent deadline of 2 September to pay a ransom, with the data uploaded soon after the deadline passed.
However, while LockBit lists the victim as being Seasons Darling Harbour on its leak site, the data itself appears to include documents relating to the operations of all four of Seasons’ properties – Seasons Heritage Melbourne and Seasons Botanical Gardens in Melbourne, Seasons of Perth, and Seasons Darling Harbour in Sydney.
Also included in the posted data is material from Seasons Harbour Plaza, also in Sydney, as well as documents from Seasons International Management, based in Perth.
While much of the leaked data is financial in nature, relating to various accounts and invoices, there does appear to be some limited customer information included. For instance, one invoice, to Travelscape – a subsidiary of Expedia – appears to list a number of customers and the length of their stays.
It does appear that no customer credit card details are part of the leak, nor any serious amount of personally identifiable information. However, the banking details of some staff from Seasons Harbour Plaza – dating from 2016 – are included in the leak.
That said, there are many invoices from Season’s various third-party suppliers, complete with company letterheads, account details, and points of contact. Cash flow data and other information are also part of the leak, as well as a small amount of CCTV footage.
The dates of the leaked documents range from 2011 all the way up to 2023.
LockBit has been very busy with data leaks from Australian organisations. It was behind the publishing of a swathe of data from Pareto Phone, a telemarketing company that worked with a wide range of Australian charities. Data from the Fred Hollows Foundation and Legacy Australia, among others, was published in August.
The ransomware gang has also collected some impressive international scalps recently, including Taiwan’s TSMC operation, as well as security firm DarkTrace.
Cyber Security Connect has reached out to the Seasons Apartment Hotel Group for comment.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.