Gregory Jewellers is an Australian-owned retailer that specialises in fine jewellery, watches, and accessories. The company’s production is based in Sydney’s CBD and has over 45 years of heritage in crafting fine jewellery.
The company was listed on the dark web leak site of the Kairos ransomware gang, which claimed to have stolen 574 gigabytes of data from the company.
While the group gave no details of the incident, it shared a sample of data containing personal information of clients, internal documents relating to an investigation, customer purchase history, a passport, and more.
However, at the time of writing, the listing has disappeared from the leak site, and the sample can no longer be accessed.
Speaking with Cyber Daily, Gregory Jewellers confirmed that a cyber incident had occurred.
“Gregory Jewellers recently identified a cyber incident involving an unauthorised third party accessing a part of Gregory Jewellers’ IT systems,” said a company spokesperson.
“We engaged independent experts to assist with an investigation and provide advice. We are operating as usual, while investigations into the type and extent of data impacted are ongoing.
“Gregory Jewellers has reported the incident to the Office of the Australian Information Commissioner and Australian Cyber Security Centre. We have communicated with staff and clients as appropriate about the incident.
“We will continue to share relevant updates as our investigation progresses.”
Who is Kairos?
Kairos shared details of its first victim in November 2024, and since then, it has claimed attacks on at least 80 other victims.
According to threat intelligence firm CYJAX, Kairos is active on several Russian-language hacking forums and does not appear to be linked to other hacking groups.
Kairos has targeted at least three Australian victims in April alone, with its latest being NSW-based Strata Republic, which the hacker claimed to have stolen 441 gigabytes of data from.
Kairos published several files as evidence of the hack, including what appears to be a letter of reprimand to a Strata Republic employee, a strata plan balance sheet, an income tax report (including Tax File Number), and an employee’s driver’s licence. Kairos had redacted names and other details from some of the documents.
In addition, the hackers published what looks to be a photograph from a Christmas party, featuring several men standing around a topless woman.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
