Space Bears claims cyber attack on Sydney dental clinic

At the time, the threat actors claimed to have exfiltrated personal patient data and a “database”, however they did not disclose the specifics of the data.

While Space Bears said they published the allegedly stolen data after the publication timer ran down, Cyber Daily’s investigation has found that the data is unavailable at the link provided.

“This content does not exist,” the file sharing platform reads.

“The content you are looking for could not be found. Possible reasons include: The content has been inactive for an extended period and has been automatically removed [or] the content has been deleted by the owner.”

When reached out to by Cyber Daily, GC Dental declined to comment on the incident.

Who is Space Bears?

VIEW ALL

Space Bears is a relative newcomer on the ransomware scene, first appearing in April 2024 and racking up 118 victims since then. The group’s leak site outlines the steps that victims need to take once targeted.

“If you see that a timer is running in your company’s block, you have a chance to avoid a data leak,” Space Bears’ About page said.

“To do this, you need to write to us in the ‘CONTACT’ form and indicate your details. Our support team will contact you shortly and help you.”

The last Aussie victim of the ransomware group was Sydney MSP Vertel, who confirmed the incident in June last year.

“On Friday, 13 June, Vertel began responding to a cyber security incident,” a Vertel spokesperson told Cyber Daily on 19 June.

“To support our ongoing investigation, Vertel has engaged external cyber security experts at CyberCX, and response firm Atmos, and is working with relevant government authorities.

“Key lines of effort that our independent cyber security experts are working to understand include confirming the nature and extent of the incident, and identifying if data may have been accessed or stolen.”