Clutch Industries, an Australian auto parts manufacturer, has confirmed it was the target of a cyber attack after the Lynx ransomware gang named the company on its darknet leak site. A company spokesperson stated that Clutch Industries had been informed of the incident following a cyber attack that compromised some of its data. The company has prioritized an investigation to determine the extent of the data breach. While the investigation is ongoing, the company believes that the compromised data mainly involves internal operational information. Clutch Industries assured that if personal or sensitive data was affected, it would notify the impacted parties as per its obligations.
The Lynx ransomware group claimed responsibility for the attack, asserting that it had stolen 350 gigabytes of data from Clutch Industries.
The group also listed various types of data, including user and business data, employee details, and financial information. Some of the stolen data appeared to be sourced from different shares and personal folders, though there were indications that personal data was minimal. The stolen files, which were published online, contained a wide range of internal data, such as purchasing and stock data, engineering files, and sales and marketing information. The company’s response included notifying the Australian Cyber Security Centre, highlighting its commitment to mitigating future risks.
The gang’s attack methods involve double extortion tactics, where they first encrypt a company’s data and then threaten to release it unless a ransom is paid. The Clutch Industries attack is part of a series of incidents where the Lynx group has been active since its first known attack in July 2024. This recent breach comes after the group claimed responsibility for hacking Novati Constructions on January 13, 2025. As a relatively new player in the ransomware world, Lynx has already targeted over 100 victims, and it appears to be expanding its reach, with businesses across various sectors at risk.
Clutch Industries, based in Coburg North, Victoria, is a full-service clutch manufacturer with a strong focus on research and development. The company operates multiple distribution centers in major Australian cities and internationally, including locations in New Zealand, the UK, and the US. While the company works to recover from the cyber attack and reinforce its security, it has expressed gratitude for the continued support of its stakeholders. The breach underscores the growing threat of ransomware attacks on businesses and highlights the importance of cybersecurity measures for organizations globally.
Reference:
