The hacking group responsible for a disruptive cyber attack on a Victorian poultry giant, Hazeldene's, has published a tranche of stolen documents to its darknet leak site.
The DragonForce group, a well-known ransomware-as-service operation, listed the company on March 11, alongside evidence of the hack and a link to the full 78.98 gigabyte dataset.
Hazeldenes has published an update on the incident it its website.
"Hazeldenes’ investigation into the recent cyber incident has confirmed data, including personal information, has been accessed. Our review to date indicates the data impact is largely limited to historical operational and corporate information," the update, posted on March 12, said.
"Through our routine monitoring today we have also become aware that cyber criminals have named Hazeldenes on the dark web and illegally shared data that was stolen from our environment.
"Hazeldenes would like to assure our community that we are taking all appropriate steps in response to this situation to protect our stakeholders that may be impacted by the incident."
The company has also obtained a worldwide interim injunction in Australia. This prevents any stolen data from being accessed, viewed, released, transmitted, used or published by anyone.
Hazeldens is continuing to monitor the situation and is working with external cyber experts and the Australian National Office of Cyber Security, the National Cyber Security Coordinator and the Office of the Australian Information Commissioner.
What happened?
Hazeldenes, one of the country’s largest poultry producers, told Cyber Daily last month it had first begun responding to a cyber incident on 19 February.
“Hazeldenes immediately started taking steps to contain the incident, engaged external cyber security experts, and notifying relevant authorities,” a Hazeldenes spokesperson.
The company added that its investigation into the incident was ongoing.
“We are working with partners to restore impacted operations and understand what has happened,” Hazeldenes said.
“Our priority is the welfare of our people, our animals, our customers and our partners, as we work to resume normal operations.
“We apologise for this disruption and any concern it may have caused. If any data has been impacted, we will notify impacted individuals as required.”
At the time, the attack caused considerable disruption to local chicken deliveries, leaving some regional butchers and hotels short of product.
Who is DragonForce?
DragonForce runs a ransomware-as-a-service operation where affiliates can hire the gang’s ransomware platform in return for a cut of any profits. The gang passes on up to 80 per cent of ransom payments and commonly advertises its services on Russian-language hacking forums.
The group is believed to have links to the LockBit ransomware operation and engages in double-extortion tactics. It has claimed 248 victims to date, with the most recent Australian victim being Queensland-based Toowoomba Friendlies Society Dispensary, which was listed by the hackers in September 2025.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.