Another Australian firm has fallen foul of a ransomware gang, this time property valuers Herron Todd White.
The Black Suit ransomware gang claimed the Aussie scalp on April 27, posting details of the data exfiltrated to its darknet leak site.
Black Suit is not a particularly loquacious outfit. Apart from sharing some info on Herron Todd White copied from the company’s own site, it notes the company has a revenue of $100 million, and notes in rough form what data it claims to have.
“Data 279g – just paperwork, no trash,” a gang spokesperson said.
“20g sql_DB – customer and transaction databases.”
The gang has also compiled “A list of documents of great value” in a smaller 3.3 gigabyte .ZIP archive as proof of the hack, but as of writing the file-sharing site it is hosted on is returning an error, saying the file has reached its download limit.
Black Suit has not shared any details of the ransom demand or deadline, though previous ransom demands have been reported as being sub US$1 million.
Herron Todd White has offices all across Australia. The company claims that “95 per cent of Australia’s population is covered” by its network.
The attack appears to have caused some concern at the company, with some impacted ex-employees speaking to the Australian Financial Review last week about the incident.
“I heard it was through one of their systems that’s redundant,” a former HTW employee told the AFR on April 23.
“All of us ex-HTW staff are talking about it.”
A Herron Todd White spokesperson told the AFR the company was working “diligently and collegiately” with its clients to resolve the issue.
REB's sister site, Cyber Daily, has been in contact with the company’s PR firm and is awaiting further comment on Black Suit’s claims.
Black Suit has enjoyed an impressive period of growth this year. After first appearing in May 2023 – but thought to be made up of members with links to the Royal and Conti ransomware gangs – Black Suit made just a handful of attacks each month leading up to year’s end.
However, the gang claimed nine victims last month, and in April 2024 has already racked up 21 victims, including high profile companies such as US pharmaceutical firm Octapharma Plasma, alongside antipodean victims such as Australian pie maker Vili’s in March.
You are not authorised to post comments.
Comments will undergo moderation before they get published.