In this instance, the REvil ransomware operators struck Lion and proclaimed to have sensitive and highly confidential documents from the company’s database.
Lion is one of Australasia’s largest food and beverage companies, employing over 7,000 people across Australia and New Zealand. With a proud history extending back to 1840, they market premium brands in the dairy, juice, soy, beer, cider, fine wine, spirits, alcoholic ready-to-drinks and non-alcohol beverages categories. They are one of the leading foods and beverage companies in Australasia, and their brands are also market leaders across a number of different categories. This diverse portfolio, produced across 46 sites, collectively generates revenues of around $4 billion each year.
As per now, the ransomware operators have posted a sample of files and data of the company being downloaded by them. As per the Cyble Research Team, this small data leak from the large lot seems to be a warning for the company to accept the terms of the ransomware operators. Unfortunately, if the terms are not being accepted by Lion, then the REvil ransomware operators seem to leak a large lot of sensitive data of the company within 5 days.
The ransomware operators have posted, what seems to be, highly sensitive and confidential files of the company. The Cyble researchers are examining the data which includes corporate operational data i.e. detailed information of their customers and clients, network architecture information of the company, and much more.
Below is the snapshot of the message and the list of files being posted by REvil ransomware operators.
We recommend people to:
- Never share personal information, including financial information over the phone, email or SMSs
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
- People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.
Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks.