Gelatissimo is the nation’s largest gelato retail brand, with over 50 locations in Australia since it was formed in 2002, as well as several overseas.
The company was listed on the dark web leak site of the DragonForce ransomware gang, which claimed to have stolen 352.24 gigabytes of data in the breach.
In an exclusive statement to Cyber Daily, a spokesperson for Gelatissimo confirmed that it detected unauthorised access to its network and the claims made by DragonForce.
“We are investigating a cyber incident following the detection of unauthorised access to part of our systems,” the spokesperson said.
“We are also aware of claims made by an unauthorised external party that information accessed from our systems has been published online. Immediately at the time of discovering the incident, we engaged cyber security experts to contain and investigate the incident.
“We are working urgently to verify the third party’s claims and understand the nature and extent of any information impacted.”
The company also said it has notified relevant authorities of the incident.
“We have also notified the Office of the Australian Information Commissioner and the Australian Cyber Security Centre, and are committed to meeting our regulatory obligations,” it said.
“Protecting the information entrusted to us is a responsibility we take very seriously, and we apologise for any concern this incident may cause.”
DragonForce said it will publish the data it claims to have stolen in just over three days at the time of writing.
Who is DragonForce?
DragonForce runs a ransomware-as-a-service operation in which affiliates can hire the gang’s ransomware platform in return for a cut of any profits. The gang passes on up to 80 per cent of ransom payments and commonly advertises its services on Russian-language hacking forums.
The group is believed to have links to the LockBit ransomware operation and engages in double-extortion tactics. It has claimed 505 victims to date, over double what it had in just September last year.
Last year, the group claimed an incident on Queensland-based Toowoomba Friendlies Society Dispensary, claiming to have stolen 35.82 gigabytes of data, including financial documents, counterparties and clients.
The data that was freely available on the darknet includes highly sensitive medical documents featuring the names, addresses, and – in some cases – photographs of patients, as well as the treatment/s they have been receiving, from methadone treatment to prescriptions of emergency contraceptives.
Vaccination lists, details of staff pay, and scans of employees’ Medicare cards and driver’s licenses have also been shared by the hackers.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
