The biggest producer of probiotic drinks in the world, Yakult, was the target of a significant that exposed private data and corporate records on the dark web.
The threat actor DragonForce claims to have accessed over 95GB of Yakult data and is believed to be responsible for the issue.
This “cyber incident” impacted the IT systems of the business in New Zealand and Australia.
The Business Has Been the Victim Of Ransomware Attacks
The Melbourne-based company, situated in Dandenong, refuses to speak further. Still, ABC Investigations acknowledges that it has been the victim of a ransomware attack, a kind of cybercrime in which hackers try to scare a business into paying them money in exchange for not revealing stolen content.
DragonForce, a threat actor that has identified around two dozen targets that have declined to cooperate since the beginning of December, is the group that has taken responsibility for the breach.
Reports say its aims range from a family charity in Texas to business organizations like a South Australian bathroom maker and Coca-Cola in Singapore. Every time, a cache of the files belonging to each of the victims has been made public by the group.
DragonForce Malaysia, a hacktivist group that has been targeting Israeli government agencies, does not seem to have any direct connection to these criminals.
According to an analysis conducted by the ABC, a sample of the leaked files includes firm information from 2001 onward.
The sensitive information of the employees includes:
- Scans of passports
- Drivers’ licenses
- Pre-employment medical assessments and certificates
- Salaries
- Performance reviews
At least one of the passport scans is associated with a warehouse employee. The ABC discovered Japanese passports in the hacked collection, where Yakult’s parent firm is situated.
Nearly 9,000 people’s names and addresses are contained in another database. Although it’s unclear if these are customer records, it has been confirmed that at least some of the names and addresses are correct.
On December 15, Yakult Australia learned of the cyberattack. Before releasing the stolen cache on Christmas Day morning, DragonForce mentioned the probiotic company as one of its victims five days later.
Yakult Australia posted a statement on its website stating that “it was working with cyber incident experts to investigate the extent of the incident.”
“All our offices in Australia and New Zealand remain open and continue to operate,” the statement continued.