Gelatissimo is the nation’s largest gelato retail brand, with over 50 locations in Australia since it was formed in 2002, as well as several overseas.
The company was listed on the dark web leak site of the DragonForce ransomware gang, which claimed to have stolen 352.24 gigabytes of data in the breach.
While the group did not outline details of the incident, it posted a sample of the data it allegedly stole, which contained six screenshots of internal documents and records.
The posted sample contained alleged employee and executive team details, including names, income types, IDs, partial tax file numbers, emails, phone numbers and roles, a receipt containing financial account details, an incident report, a bank statement, and a visa application form containing extensive personal data.
These details pertain to staff in Australia, as well as in the Philippines, where the company has six outlets.
The threat group also said it would publish the entirety of the allegedly stolen data in just over four days at the time of writing.
Cyber Daily has been in contact with Gelatissimo and is currently awaiting comment on the incident.
Who is DragonForce?
DragonForce runs a ransomware-as-a-service operation in which affiliates can hire the gang’s ransomware platform in return for a cut of any profits. The gang passes on up to 80 per cent of ransom payments and commonly advertises its services on Russian-language hacking forums.
The group is believed to have links to the LockBit ransomware operation and engages in double-extortion tactics. It has claimed 505 victims to date, over double what it had in just September last year.
Last year, the group claimed an incident on Queensland-based Toowoomba Friendlies Society Dispensary, claiming to have stolen 35.82 gigabytes of data, including financial documents, counterparties and clients.
The data that was freely available on the darknet includes highly sensitive medical documents featuring the names, addresses, and – in some cases – photographs of patients, as well as the treatment/s they have been receiving, from methadone treatment to prescriptions of emergency contraceptives.
Vaccination lists, details of staff pay, and scans of employees’ Medicare cards and driver’s licenses have also been shared by the hackers.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
