Australian accounting firm held to ransom by Hunters International
A ransomware group has claimed to have exfiltrated data from a Sydney-based accounting firm.
Ransomware gang Hunters International has listed accounting firm T A Khoury & Co on its dark web leak site. The ransomware group claims to have stolen 63.7 gigabytes of data, as first reported by sister brand Cyber Daily.
Although the specifics of the data are unknown, Hunters International divided the files into two categories – “Client Files” and “Financial Data”.
While both sections have 63.7 gigabytes of data each, the same amount of data and the identical number of files (149,205) suggest that both categories hold the same data.
T A Khoury & Co is yet to issue a statement on the incident, but according to the VenariX threat feed, the firm’s website was inaccessible for some time. Cyber Daily has since observed that the website is back up.
Unlike some of its other listings, Hunters International has not put a countdown timer on the T A Khoury & Co listing.
Hunters International is a relatively young ransomware gang, having first appeared in October last year. In a short time, it has launched several high-profile attacks, including on the US subsidiary of Australian shipbuilder and defence contractor Austal.
While Hunters International’s origins are up for debate, several cyber experts have concluded that the group appeared out of the ashes of the Hive ransomware group, which was taken down by the FBI midway through last year.
Based on reports, Hunters International has been observed using the same malware code as Hive, with researchers noting some substantial code overlaps.
Accountants have been under increasing pressure in recent years to implement strategies to mitigate the threat of cyber crime, with scams and data breaches on the rise.
A Business Insights report by NAB last year found that one in 10 Australian businesses had been subjected to data breach or cyber crime and cautioned that accounting firms would be the next big target.
NAB executive of business banking – metro and specialised, Julie Rynski, warned that firms must be on their toes and have strict cyber security strategies to ward off potential breaches.
“Accounting firms are responsible for a substantial amount of data and personal information – both their own and that of their customers. Keeping this business and consumer data safe is a significant task with scams and cyber-attacks becoming increasingly common,” Rynski previously told Accountants Daily.