Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
An Australian firm with a global footprint is one of the latest victims of the infamous hacking group responsible for thousands of data breaches.
The Clop extortion operation – well known for its mass exploitation of vulnerabilities in vital third-party software used by some of the world’s biggest companies – has listed a slew of new victims on its darknet leak site, including an Australian mining and resources consultancy, Ausenco.
Ausenco is one of seven companies listed as having a page created for its upcoming leak on 23 October, but as yet no data has been posted on the leak page beyond Clop’s usual boilerplate rhetoric.
“The company doesn’t care about its customers, it ignored their security!!!” the leak page said.
“Attention, dear companies, all companies that have received information from us about the situation, please contact us!!! This will prevent publication,” the group said at the top of its main page, meaning that it has presumably made some form of contact with Ausenco alongside the other newly listed victims.
Clop has not listed its ransom demands, nor how much data it is claiming to have stolen. The gang was in the headlines recently in connection with a series of extortion letters sent to company executives, saying that Clop had accessed data on their Oracle E-Business Suite platforms.
“We are CL0P team. If you haven’t heard about us, you can google about us on internet,” an alleged Clop spokesperson said in an email published by Dark Web Informer.
“We have recently breached your Oracle E-Business Suite application and copied a lot of documents. All the private files and other information are now held on our systems.”
The Scattered Lapsu$ hackers were also thought to have been involved in the exploitation of Oracle’s customer base.
Ausenco boasts 21 offices across five continents and is headquartered in Brisbane. It is involved in 34 projects across Australia, with more than a hundred elsewhere in the world. The company offers consulting services to the mining and resources sector, as well as the industrial and infrastructure sectors.
“Combining deep technical expertise with a 30-year track record, we deliver innovative, value-add consulting, studies, project delivery, asset operations and maintenance solutions to the minerals and metals and industrial sectors,” the company said on its website.
Ausenco has not responded to Cyber Daily’s request for comment.
First observed in early 2023, the Clop operation has claimed 1,014 victims, often releasing the details of dozens of breaches at a time following mass exploitation of third-party platforms such as file transfer programs. Ampol, Linfox, and Steel Blue are among its Australian victims.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
