The Royal Brighton Yacht Club (RBYC) in Victoria, Australia, has confirmed it was targeted by a ransomware attack orchestrated by the Medusa gang. This sophisticated breach, executed through a compromised third-party point-of-sale system, led to the encryption of the club’s systems and the exposure of sensitive personal and financial data. The attackers have claimed responsibility by posting over 94 gigabytes of stolen data on their darknet leak site, which includes personal details, financial records, and internal documents from the club.
Managing Director Philip Hall stated that the club was made aware of the attack and took immediate action to contain the incident. They engaged a cybersecurity partner to handle the response and remediation efforts, which involved isolating affected systems and restoring services. The RBYC is collaborating with the Australian Cyber Security Centre (ACSC) and is working to improve its cybersecurity measures to prevent future incidents.
The breach has raised significant concerns about data security, with the exposed information including names, addresses, phone numbers of members, and details related to their membership fees. Employee data, such as superannuation and contact information, along with internal emails and login credentials for external suppliers, was also compromised. The club is in the process of notifying those affected and addressing the security implications of the breach.
The Medusa gang has demanded a ransom of $100,000, setting an eight-day deadline for payment. In response to the attack, the Royal Brighton Yacht Club is focused on safeguarding its data and minimizing operational disruptions. The organization has committed to maintaining robust security protocols and apologizes for any inconvenience caused, as it continues to manage the fallout from this significant cyber attack.
Reference:
