Exclusive: NSW petroleum distributor allegedly breached by World Leaks hacking group

Threat actors have claimed a cyber attack on NSW fuel distribution and logistics firm Kel Campbell.

The company, which operates as Campbell Petroleum Distributors, Kel Campbell Fuel Haulage, and Breeze Convenience, is a family-owned business based in NSW and is a provider of Ampol service stations.

Kel Campbell was listed on the dark web leak site of the World Leaks hacking group, which claimed to have exfiltrated 696.1 gigabytes of data. The threat actor did not disclose the kind of data or provide a sample but said it has 5,116,672 files and that it will publish them in under 11 hours at the time of writing.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

Cyber Daily has reached out to Campbell Petroleum Distributors for more information and is currently awaiting comment.

The World Leaks group is a fresh rebrand of the infamous Hunters International ransomware gang, with the main change between the two being a shift away from ransomware.

Hunters International announced on 17 November 2024 that it would be shutting down as attention from law enforcement grew and profits slumped, according to threat intel organisation Group-IB. Despite the deadline, the group remained active.

Then, on 1 January 2025, Hunters International announced “World Leaks”, a new extortion-only operation.

VIEW ALL

“From the administrator’s perspective, ransomware is no longer profitable and risky. The criminals collaborating with the group will be provided with a purportedly self-developed exfiltration tool designed to automate the process of data exfiltration in the victims’ networks,” Group-IB said this week, as seen by BleepingComputer.

“Unlike Hunters International, which combined encryption with extortion, World Leaks operates as an extortion-only group using a custom-built exfiltration tool.”

Since the group emerged in 2023, Hunters International has been an aggressive group, claiming over 280 incidents. It was believed to be a rebrand of the Hive ransomware operation due to commonalities in the malware used by both groups.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

Exclusive: NSW petroleum distributor allegedly breached by World Leaks hacking group

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED