Bendigo and District Aboriginal Co-operative (BDAC) is an Aboriginal community-controlled organisation that delivers health, education, culture, employment, family and community services to the Aboriginal and Torres Strait Islander community of Dja Dja Wurrung.
BDAC was listed on the dark web leak site of INC Ransom over the weekend, with the threat group thus claiming to have breached the firm.
While INC Ransom provided little to no detail of the incident, BDAC confirmed with Cyber Daily that it had detected a cyber incident and secured it the same day, limiting the impact.
“Bendigo & District Aboriginal Co-operative (BDAC) can confirm that we recently experienced a cyber incident affecting part of our IT system,” BDAC wrote in a statement.
“The issue was identified promptly, contained the same day, and our systems are secure. There has been a limited impact on our services to Community.”
BDAC also informed relevant government authorities including the Office of the Information Commissioner (OAIC) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC).
It also says it is working closely with authorities as it continues to investigate the matter, and has implemented new security measures to bolster itself against threats.
“The privacy and safety of our staff, members and Community is always our priority. We are carefully reviewing the details of what occurred and are committed to communicating openly as the investigation progresses.”
Who is INC Ransom?
INC Ransom was first observed in August 2023 and has claimed 760 victims since then, making it one of the top five most active ransomware groups at the time of writing. It is a ransomware-as-a-service operation, offering its ransomware expertise to any hacker in return for a cut of any profits.
The group uses spear-phishing tactics to gain initial access and double extortion to pressure its victims – this means it exfiltrates data from a victim’s network before encrypting it in place.
The victim must then pay a ransom not only to recover the data encrypted on its own systems but also to ensure that it is not published to the darknet or sold to another threat actor.
The group’s most recent alleged Australian victim prior to BDAC was NSW pharmacy management firm RX Management, who was listed on the dark web leak site on April 8. INC Ransom claimed to have stolen 180 gigabytes of data.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
