Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The infamous group behind a string of high-profile breaches has taken responsibility for a third-party hack of a famous Australian PPE maker.
The Clop cyber extortion operation has listed Melbourne-based PPE producer Ansell as a victim on its darknet leak site weeks after the company revealed it had warned of “unauthorised data access” in an ASX announcement.
The hackers have published a 552-gigabyte dataset they allege to have exfiltrated from Ansell’s network, hosting the data via the peer-to-peer BitTorrent protocol. According to the torrent file’s details, it was first made available on 3 November and has been downloaded by 15 individuals at the time of publication.
In its leak post, Clop said that Ansell “deliberately neglected their legal obligations to ensure the security of the data they collect WITHOUT permission”.
“They should also be sued by everyone who did not consent to the data collection!!!” Clop said
The hackers have not said what data may be involved in the breach, nor shared any evidence of the hack or a ransom demand. Cyber Daily understands Ansell has taken out an injunction preventing access or dissemination of data stolen in the incident.
Ansell first revealed details on the incident on 14 October in a “Notification of unauthorised access data access” to the Australian Stock Exchange.
“Ansell Limited advises it recently identified unauthorised access to certain sets of company data. There has been no disruption to operations,” the company said in its 14 October statement.
“The unauthorised access via licensed third-party software vulnerabilities was limited and did not impact the broader company environment. As soon as this was detected, we took immediate containment action.
“Initial findings indicate that a majority of the accessed data consisted of non-sensitive business information. A portion, however, does contain confidential transactional data or personally identifiable information.”
At the time, Ansell said it was working with the Australian National Office of Cyber Security and the National Cyber Security Coordinator, as well as several other regulators and government agencies.
Clop is well known for taking advantage of vulnerabilities in popular third-party software platforms widely used by companies all over the world. Most recently, it appeared to be linked to an email campaign sent to company executives claiming it had accessed data on their Oracle E-Business Suite platforms.
“We are CL0P team. If you haven’t heard about us, you can google about us on internet,” an alleged Clop spokesperson said in an email published by Dark Web Informer.
“We have recently breached your Oracle E-Business Suite application and copied a lot of documents. All the private files and other information are now held on our systems.”
Clop’s most recent Australian victim was resources consultancy Ausenco, which it listed on 23 October.
Cyber Daily has reached out to Ansell for comment on the hackers’ claims.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
