Seagrass Boutique Hospitality Group is a Rhodes, NSW-based hospitality organisation behind a number of major restaurants, brands and experiences, including The Meat & Wine Co, Hunter Barrel, and more.
The Kairos ransomware gang claimed the cyber attack on the hospitality group on 12 February. Cyber Daily has been unable to access the threat actors’ dark web leak site.
However, Seagrass has confirmed the cyber incident in a statement on its website.
“On 12 February, we identified a cyber security incident involving unauthorised access to part of our IT network,” the company said.
“We immediately activated our incident response, and with the assistance of external cyber security experts, we have isolated the affected system.
“An investigation into what data may have been impacted is underway. We will provide more information as the investigation continues.”
When contacted by Cyber Daily, Seagrass declined to give additional commentary about the incident.
According to threat intelligence firm CYJAX, Kairos is active on several Russian-language hacking forums and does not appear to be linked to other hacking groups.
The group provides some information on its operations on its leak site, however. According to Kairos, victims are initially given seven days to respond to its demands, and once that deadline is passed, the gang publishes its initial leak post.
“If no agreement is reached within seven days, we will publish the fact of the data compromise on our website,” Kairos said.
“If the situation remains unresolved after seven days, we will notify your partners, competitors, and customers and then publish your data in full. This could lead to legal actions, termination of contracts, reputational damage, stock value drops, and potential closure of your organisation.”
Kairos was first observed in November 2024, and the gang has claimed at least 70 victims since then. Its most recent Australian victim was Melbourne-based Heidelberg Golf Club, from which it claimed to have stolen 24.6 gigabytes of data.
