Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Beast ransomware group posts medical and treatment details of patients of a Broken Hill-based healthcare group.
A ransomware group that first emerged in July 2025 has listed the regional Outback Pharmacies group as a victim on its darknet leak site.
Beast – also known as Gigakick – posted details of its alleged hack of the pharmacy group Outback Pharmacies on 19 November, claiming to have stolen 150 gigabytes of data.
While the hackers did not share any details of their ransom demand, nor when they intend to publish the full data set, they did post several documents stolen from the victim. These documents are largely medical in nature, including details of patient treatment plans, prescribed medicines, and patient financial data.
The Outback Pharmacies Group operates five stores in Broken Hill: C.P Peoples Chemist, Good Price Pharmacy Warehouse Broken Hill, Tembys Night & Day Pharmacy, Netting Chemist, and Westside Plaza Pharmacy. The group offers a range of services, including vaccinations, medicine packs, home medicine reviews, and an opioid substitution program.
C.P Peoples Chemist also works with the Royal Flying Doctors Service.
Outback Pharmacies has not responded to Cyber Daily’s request for comment.
The Beast hacking group was first observed in July 2025, though it has links to an earlier ransomware operation, Monster. That group had been seen promoting the Beast ransomware strain on Russian-language hacking forums a year earlier.
“While Beast inherited much of Monster’s code, it introduced stronger encryption, multi-threaded processing, service termination, shadow-copy deletion, and other features designed to improve efficiency and reach,” according to cyber security firm SOCRadar.
“Analysts note that despite its technical sophistication, Beast has not yet achieved the widespread impact of leading ransomware families.”
The group mostly targets US entities in the construction and manufacturing sectors; however, healthcare organisations are Beast’s third-most targeted sector, and it does have many international victims.
“By hitting essential industries and showing a strong preference for US organisations while still affecting victims in other countries, Beast’s activity appears driven mainly by financial gain,” SOCRadar said.
“The pattern suggests opportunism rather than a refined strategic focus. They go where the chance of profit is highest, hitting targets that are more likely to pay quickly to restore operations and protect their data.”
Outback Pharmacies is Beast’s first Australian victim.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
