Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Victoria’s Royal Brighton Yacht Club confirms Medusa ransomware attack

The personal data of members and employees of the Royal Brighton Yacht Club (RBYC) has been exposed in a supply chain-related incident, with RBYC noting “the seriousness of this breach”.

user icon David Hollingworth
Tue, 16 Jul 2024
Exclusive: Victoria’s Royal Brighton Yacht Club confirms Medusa ransomware attack
expand image

An Australian yacht club has confirmed that it has fallen victim to a ransomware attack after the Medusa gang posted details of the hack to its darknet leak site.

Medusa made the claim overnight, saying it had stolen more than 94 gigabytes of data belonging to Victoria’s Royal Brighton Yacht Club.

The gang also posted several documents as evidence of the hack’s success, including the personal details of both the club’s employees and many of its members, alongside financial information and other internal documents.

============
============

The RBYC confirmed it was aware of the incident when contacted by Cyber Daily.

“Royal Brighton Yacht Club confirms that it was recently the victim of a sophisticated supply chain cyber attack. The attackers deployed Medusa ransomware through a compromised third-party (point-of-sale system) remote support tool, leading to the encryption of our systems. Unfortunately, personal identifiable information (PII) has since been published on the dark web,” Philip Hall, the club’s general manager, said in a statement.

“Immediate steps were taken to contain the incident, and a cyber security partner was engaged to manage the response and remediation efforts. The ransomware was detected promptly, and actions were taken to isolate affected systems and restore services. Our top priority has been to ensure the security and privacy of our data and to minimise disruption to our operations.”

Hall noted that the Australian Cyber Security Centre (ACSC) had been informed and that the RBYC is “fully cooperating with their investigation”. The club is also working to improve its cyber security posture.

The RBYC is in the process of informing individuals impacted by the data breach.

“We understand the seriousness of this breach and are committed to maintaining robust security protocols to protect our data and the data of our stakeholders. We apologise for any inconvenience this may have caused and are taking all necessary measures to address this situation,” Hall said.

The personal information involved, based entirely on the handful of sample documents provided, includes the names, addresses, and phone numbers of club members, as well as details of their membership fees and other club information. The employee data already published includes superannuation and contact information, while several other documents include internal emails. One document also includes login information for some of the club’s external suppliers, including plaintext passwords.

The Medusa gang is demanding a ransom of $100,000, and the deadline to pay is within eight days.

The Medusa operation was responsible for the recent leak of terabytes of internal security camera footage belonging to Perth’s Harry Perkins Institute of Medical Research.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.