Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers share salary details, staff driver’s licenses, and sensitive correspondence as proof of exfiltration.
The Kairos ransomware group has claimed to have successfully hacked the Heidelberg Golf Club in the Melbourne suburb of the same name, sharing documents and personal information that appears to have been stolen from the club.
Kairos rarely editorialises about its operations; instead, it chooses to share revenue details gleaned from web searches alongside the sectors its victims are involved in. The gang also does not share ransom details, although Kairos has said data will be published within seven days.
What Kairos has shared, however, is that it claims to have stolen 24.6 gigabytes of data, and it has posted several documents already to prove the hack was successful.
The information posted to the darknet includes staff salary details, a scan of a driver’s licence, financial data, and several pieces of correspondence between the club and its members alleging behaviour in contradiction of the club’s bylaws.
Cyber Daily has reached out to Heidelberg Golf Club for comment, but has yet to receive a response.
According to threat intelligence firm Cyjax, Kairos is active on several Russian-language hacking forums and does not appear to be linked to other hacking groups.
The group provides some information on its operations on its leak site, however. According to Kairos, victims are initially given seven days to respond to its demands, and once that deadline is passed, the gang publishes its initial leak post.
“If no agreement is reached within seven days, we will publish the fact of the data compromise on our website,” Kairos said.
“If the situation remains unresolved after seven days, we will notify your partners, competitors, and customers and then publish your data in full. This could lead to legal actions, termination of contracts, reputational damage, stock value drops, and potential closure of your organisation.”
Kairos was first observed in November 2024, and the gang has claimed at least 52 victims since then. Its most recent victim was real estate firm The Property Business Australia, which was listed by the hackers on 16 September.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
