Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers claim to have stolen almost 20 gigabytes of data from a Brisbane-based steel industry firm.
The Akira ransomware operation has listed Australian firm Watkins Steel on its darknet leak site, claiming to have stolen 17 gigabytes of data in a ransomware attack.
In a listing dated 30 April, Akira claims to have stolen data relating to both Watkins Steel’s employees and internal documents.
“We are ready to upload 17 GB of corporate documents such as: personal files of employees, client data, projects info, financial data (audits, tax statements, payment details, reports), corporate NDAs, etc.,” it said.
Watkins Steel has confirmed that it is aware of Akira’s claims and is actively investigating the incident.
“Watkins Steel Holdings Pty Ltd (Watkins Steel) is aware that a third party has named the company online alongside claims they have accessed some of our data,” a spokesperson for Watkins Steel told Cyber Daily.
“We are working to verify these claims as a priority and have notified our staff and broader stakeholder group of these developments.
“If we detect that information has been impacted, we will contact affected parties as required to provide support and guidance on how to respond.”
Watkins Steel is keeping all of its stakeholders advised of the investigation’s progress and has informed the Australian Cyber Security Centre and other relevant authorities.
“We would like to assure our staff and customers that our business operations are continuing as usual, and there is no interruption to our services,” the spokesperson said.
“We understand this news may cause concern, and we thank all our stakeholders for their ongoing support as we work to resolve this as swiftly as possible.”
As a rule, Akira does not share evidence of its successful hacks, nor share details of its ransom demands or deadlines. According to research, its initial demands can range from as low as US$100,000 to as high as US$4 million, though the gang is willing to negotiate with its victims to come to an accommodation, often lowering its demands drastically if it means a victim will actually pay the cyber criminals.
For instance, that US$4 million demand was negotiated down to just US$150,000 by a third-party negotiator.
Akira is a ransomware-as-a-service operation, hiring out its ransomware infrastructure to a raft of affiliates in return for a cut of any ransom paid. It was first observed in March 2023 and is thought to have some links to the now-defunct Conti ransomware operation.
The gang is known to use brute-force attempts to compromise Cisco VPN devices to gain initial access to its victims’ networks.
Akira’s most recent Australian victim was engineering services company Consonic, which was listed on the gang’s leak site last month.
Watkins Steel, based in the Brisbane suburb of Banyo, is a steel subcontractor supplying clients in the mining, building, and construction industries in the state of Queensland. Recent projects include the redevelopment of the Kingston Butter Factory, the Queensland University of Technology’s La Boite Theatre, and an upgrade of the Qantas premium lounge at Brisbane International Airport.
The company employs more than 50 people.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
