Share this article on:
Threat actors have claimed an alleged ransomware attack on Queensland accounting services firm Gibbs Hurley Chartered Accountants (Gibbs Hurley).
The firm, which is based in Paddington, Brisbane, provides advice on topics such as taxation and superannuation compliance to “SME and high-net-wealth individuals”.
On 15 July, the Hunters International ransomware gang listed Gibbs Hurley on its dark web leak site.
As is usually the case with the Russia-based ransomware gang, Hunters International provided no deals of the cyber incident, only saying that Gibbs Hurley has an annual revenue of $5.1 million and 25 employees.
At this stage, Hunters International has not set a date or a countdown timer for the publication of the accounting firm’s data. Gibbs Hurley is also yet to publicly acknowledge the incident.
Cyber Daily has reached out to Gibbs Hurley for additional information on the incident.
Less than a month prior to the alleged Gibbs Hurley incident, Hunters International claimed an attack on Sydney-based CRM provider Legrand CRM.
A day later, Legrand CRM confirmed the attack with Cyber Daily, with CEO Alain Legrand saying that a data breach occurred, but the incident was not a ransomware attack.
“We have been in contact with the Australian Cyber Security Centre (ACSC) and the Victorian government Cyber Incident Response Service (CIRS), both of whom had received a third-party report regarding a potential ransomware incident affecting Legrand CRM,” he said in an email to Cyber Daily.
“What took place is not a ransomware attack but a (small) data theft.”
Upon further inspection of the data, it appears that the stolen files do not all belong to Legrand CRM. Some files listed pertain to homewares products that seem to be sold by other businesses.
Based on inbound and outbound traffic, Alain Legrand said that it determined that “maybe 7GB of data” was transferred out, which is relatively small considering the total server storage of two terabytes.
“So, either they were very selective or they purposely did smallish transfers over a few days to minimise the risk of being detected,” he said.
Despite this, Legrand CRM said it was taking the incident incredibly seriously.
In April, Hunters International also claimed an attack on Sydney-based accounting firm T A Khoury & Co, saying it stole 63.7 gigabytes of data.