Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers have allegedly breached a Queensland medical centre, having posted data they claim belongs to the company.
Hyperdome Doctors and Skin Clinic is a Loganholme, Queensland-based medical centre that has been operating since 2000, “providing high quality, comprehensive care to all families and individuals in our community”.
The SafePay ransomware group listed another business, Hyperdome Medical Centre in the ACT. However, the ACT business confirmed with Cyber Daily that it was not the business impacted by SafePay.
Based on Cyber Daily’s investigation into the incident, the alleged data pertains to Hyperdome Doctors and Skin Clinic instead, with the threat actors having incorrectly listed the medical centre.
While not confirmed to be legitimate data, the listing contains information about practitioners at the medical centre, as well as internal documents and more.
Cyber Daily has reached out to Hyperdome Doctors and Skin Clinic for more information and is awaiting a response.
Who is SafePay?
SafePay is a relatively new player in the ransomware game, having first been observed active in October 2024.
The group has been observed targeting businesses in Australia, the United Kingdom, the United States, Italy, New Zealand, Canada, Belgium, Brazil, Germany, Barbados, and Argentina, and, according to the group, is not a ransomware-as-a-service (RaaS) operation.
“SafePay ransomware has never provided and does not provide the RaaS,” it said on its dark web leak site.
The company’s most recent Australian victim, BECKS Group Australia, was listed around the same time as BarNet.
Founded in 1976, BECKS is a jewellery maker that crafts high-quality rings for weddings, gifts and premium wear. It also provides services to jewellers, including alloy supply and CAD design, such as casting, moulding, and refining.
Late last week, the SafePay ransomware gang listed BECKS on its dark web leak site, claiming to have exfiltrated data from the company’s network.
While the threat actor said nothing beyond suggesting it would release the data by Tuesday AEST, BECKS issued a statement regarding the incident, saying it had already contacted customers and stakeholders of the incident.
“As soon as we became aware of the incident, we took immediate steps to contain its impact and escalate the matter to relevant authorities, including the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and South Australia Police,” the company said.
BECKS also wrote that its investigation suggests some data has likely been compromised in the incident.
Be the first to hear the latest developments in the cyber industry.
