Brooklands of Mornington is a resort-style hotel based on the Mornington Peninsula in Victoria. It prides itself on its amenities, rooms and location, which is set on three acres of landscaped gardens and is close to attractions.
On 6 April 2026, Brooklands of Mornington was listed on the dark web leak site of the Space Bears ransomware group, which claimed to have stolen personal data belonging to both guests and staff, financial documents and “other files”.
While Space Bears did not provide details as to the specifics of the data, nor how much it exfiltrated, it said that it will publish the allegedly stolen files in just over five days at the time of writing.
Cyber Daily has reached out to Brooklands of Mornington for more information and is awaiting a response.
Who is Space Bears?
Space Bears is a relative newcomer on the ransomware scene, first appearing in April 2024 and racking up 118 victims since then. The group’s leak site outlines the steps that victims need to take once targeted.
“If you see that a timer is running in your company’s block, you have a chance to avoid a data leak,” Space Bears’ About page said.
“To do this, you need to write to us in the ‘CONTACT’ form and indicate your details. Our support team will contact you shortly and help you.”
The last Aussie victim of the ransomware group was Sydney dental clinic GC Dental.
The clinic was listed on the dark web by the Space Bears ransomware group in early February 2026; however, according to Ransomware.live, the alleged incident is estimated to have taken place on 18 December 2025.
According to the threat actors, they exfiltrated personal patient data and a “database”. However, they did not disclose the specifics of the data.
While Space Bears said it published the allegedly stolen data after the publication timer ran down, Cyber Daily’s investigation has found that the data is unavailable at the link provided.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
