A sample of the files leaked, analysed by the ABC, reveal company data dating back to 2001 Yakult Australia has confirmed it was impacted by a cyber incident, and says all its offices in Australia and New Zealand are still operating
Yakult Australia, the manufacturer of the popular probiotic milk drink, has recently confirmed a cyber incident that took place in mid-December. The breach impacted both Australian and New Zealand IT systems. The responsible party, a cybercrime group called ‘DragonForce,’ claimed responsibility for the attack and proceeded to leak 95 GB of data allegedly belonging to Yakult Australia.
In response to inquiries, David Whatley, Director of Yakult Australia, said that the company became aware of the cyber incident on the morning of December 15th. The full extent of the attack is still under investigation, and Yakult is actively collaborating with cybersecurity experts to address the matter urgently. The precise details of how the cyber incident occurred remain undisclosed.
Despite the impact on IT systems in both Australia and New Zealand, Yakult’s offices in these regions continue to operate normally. To keep stakeholders informed, the company has placed an “important message” on its website, pledging to provide further updates as the investigation progresses.
DragonForce, the cybercrime actor behind the attack, listed Yakult Australia on its onion leak site on December 20th. The group threatened to leak 95.19 GB of data, a threat they subsequently executed. BleepingComputer conducted an analysis of a portion of the leaked data, revealing business documents, spreadsheets, credit applications, employee records, and identity documents.
Notably, DragonForce follows a consistent pattern of attempting to extort payment from its victims. If cooperation is denied, the group publicly releases stolen assets and data. While limited information is available about DragonForce, the group has listed 20 victims on its leak site. It’s crucial to distinguish that, in this context, DragonForce is unrelated to DragonForce Malaysia, a hacktivist group known for targeting government agencies in the Middle East. As cybersecurity threats evolve, vigilance and proactive measures become increasingly vital for organisations to safeguard sensitive information and maintain the trust of their stakeholders.
