The Australian College of Business Intelligence (ACBI) has said it is aware of claims made by a ransomware group and is actively investigating a potential cyber incident.
The Qilin cyber extortion group listed ACBI on 15 May; however, the affiliate behind the alleged attack has so far declined to share any details of the incident or samples of data exfiltrated.
An ACBI spokesperson said the college was aware of the claims.
“ACBI is aware of the matter and is actively working with external cyber security specialists and relevant authorities,” the spokesperson told Cyber Daily.
The college discovered the hackers’ claims after being informed by its IT services provider, with investigations into the scale and timing of the incident ongoing.
“ACBI has informed key internal stakeholders and is undertaking appropriate notification processes with relevant education and regulatory bodies,” the ACBI said.
“Initial investigations have found no evidence that student data has been compromised; however, we are continuing to monitor the situation and working under guidance from our IT service provider and the relevant authorities.”
The ACBI has informed the Australian Cyber Security Centre and is “working in accordance with the guidance provided”.
Who is Qilin?
While the depleted LockBit group remains the most devastating ransomware actor in terms of victim count over the last four years, 2025 and – so far – 2026 belong to Qilin, the number one most active group in the world right now.
Since forming in 2022, the group has claimed 1,844 victims across 96 countries. Notable recent victims include the Volkswagen Group France and popular beverage producer Asahi. The latter attack compromised both production lines and customer personal data.
The group has been particularly active in Australia in recent weeks, listing facility services firm the Menzies Group, hospitality IT provider Bluize, and financial services company Generation Life in just the last week alone.
As a ransomware-as-a-service operation, Qilin hires out its ransomware platform to affiliates in return for a cut of any ransom profits. However, some affiliates appear to be less active than others, with several recent hack claims not developing beyond the initial listing.
The group is thought to rely upon a mix of phishing, exploitation of network device software vulnerabilities, and vulnerabilities in backup services as attack vectors.
Who is the Australian College of Business Intelligence?
Based in Sydney’s Haymarket, the ACBI provides a range of courses and training covering topics such as artificial intelligence, digital marketing, and IT.
It provides educational services for both organisations and individual students and offers courses both in-person and online.
According to higher education comparison platform Educonnect, the college currently has 1,271 students enrolled.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.