A NSW-based distributor of video security products has confirmed it has been responding to a cyber incident after it was listed as a victim on the darknet leak site belonging to the Stormous ransomware operation.
VSP Solutions was listed by the hackers in a 23 May leak post, with the hackers claiming to have stolen more than 40 gigabytes of data.
“+40G Full Financial Backups (Quickbooks & Reckon)-Email Archives & Staff Personal Folders-Customer/Client Databases (Installers & Integrators nationwide)-Shipment & Order Tracking for major brands like Hikvision & Axis,” Stormous said in its leak post.
Within a few days, that data had been published on a popular file-sharing platform. That data, however, is no longer available, with the hosting service stating “the account that created this link has been terminated due to a violation of our terms of service”.
VSP Solutions said it was aware of the claims and is responding to the attack.
“On Wednesday, 13 May 2026, we became aware of a cyber security incident involving our business,” a VSP Solutions spokesperson told Cyber Daily.
“We are aware that certain information associated with our business has been referenced on a dark web leak site of a cyber criminal organisation.
“This incident does not affect our business operations, and we continue to serve our clients as normal with full confidence.
“We are taking this incident very seriously.”
According to VSP, the impacted data is historical in nature and pertains to a related business. The company said it immediately took steps to contain the incident, including engaging “forensics experts and cyber security advisors”.
“We have also engaged with law enforcement and are responding to their enquiries. Relevant Australian government agencies have been notified, and we are cooperating with officials to respond to this criminal activity,” VSP Solutions said.
“Our investigations are ongoing, and we are working to understand the nature and extent of the incident.
“We are committed to communicating with our clients and stakeholders transparently.”
Who is Stormous?
The Stormous group emerged in 2022 and has claimed more than 140 victims since it began operating.
Like Qilin, Stormous provides ransomware-as-a-service capability to its affiliates in return for a share of any ransom paid. The group primarily targets organisations in the technology and business services sectors in the United States, Spain, the United Arab Emirates, and France.
“As a group, Stormous focuses its operations primarily on strategic objectives, which often blend financial and political motivations,” a Stormous spokesperson said in an October 2025 interview.
“Target selection is guided by both perceived ideological alignment and economic opportunity; however, operational focus tends to prioritise opportunities that maximise impact, both financially and in terms of influence.”
According to threat intelligence platform SOCRadar, the group is pro-Russian and is known to employ “double extortion tactics, encrypting and threatening to leak sensitive data”.
VSP is one of several victims claimed by the hackers after an almost six-month hiatus.
Who is VSP Solutions?
VSP Solutions is based in Minchinbury, NSW, and has been a distributor of video security products since 1993.
“With over three decades of industry experience, we deliver bespoke and innovative security solutions designed to meet the evolving needs of our clients – from access control systems to advanced cloud surveillance platforms,” the company said on its website.
The company also has offices in Queensland, Victoria, and Western Australia.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.