Mackay Sugar is Australia’s second-largest manufacturer of sugar, with over 700,000 tonnes produced annually. It’s also one of the largest employers in the region. It operates a cogeneration plant that powers approximately a third of the Mackay region’s annual power requirements, roughly the same as 27,000 households.
Yesterday (10 June), Mackay Sugar issued a statement confirming that it had suffered a cyber incident that led to operations at two locations – the Farleigh and Racecourse sugar mills – being brought to a standstill.
“Mackay Sugar is responding to a cyber security incident affecting some of our operations,” the company said.
“Our immediate focus is the safety of our people, protecting operational systems, and maintaining business continuity. We have engaged specialist cyber security experts and are working closely with relevant authorities to investigate the incident and restore systems safely.”
Mackay Sugar said it was currently implementing “interim processes” so that critical business functions could continue and disruption of the business could be mitigated as much as possible.
“We are communicating directly with our employees, growers and key partners and will continue to provide updates as more information becomes available,” the company said.
“We take our responsibility to protect our systems, operations and information very seriously. We apologise for any disruption or uncertainty this incident may cause, and we will provide timely updates as we continue our investigation.”
Cyber Daily has yet to observe any threat actors taking responsibility for the incident.
The Mackay Sugar incident closely follows a cyber attack on Aussie farming group, Tripod Farmers.
Tripod Farmers Group (Tripod Farmers) is an Australian, family-owned salad and vegetable producer that specialises in providing fresh produce to independent and wholesale grocers.
Late last month, Tripod Farmers was listed online by the Qilin ransomware group. According to threat feeds observed by Cyber Daily, the incident occurred around 17 February 2026, suggesting that the threat actor has had access for an extended period.
Speaking with Cyber Daily, Tripod Farmers confirmed it had launched an investigation into the incident.
“Tripod Farmers is investigating a cyber incident involving unauthorised access to a portion of our systems,” the statement said.
“This has not impacted our regular production capabilities or our obligations to our customers.”
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
