DragonForce claims cyber attack on Yakult Australia

Yakult Australia said it is continuing to operate despite a “cyber incident” that has affected systems used for Australia and New Zealand.

Yakult Australia is based in Dandenong in Victoria. Yakult is a fermented milk drink.
Bleeping Computer, which first reported the incident, said 95GB of data had been leaked by a threat actor called DragonForce.

BleepingComputer analysed a small portion of the leaked dump that appeared to contain several business documents, spreadsheets, credit applications made by Yakult Australia, employee records, and copies of identity documents such as passports.

While the company's IT systems in Australia as well as New Zealand were hit, the offices in both regions remain open and operational.

THE cybercrime actor 'DragonForce' has taken responsibility for the incident and listed Yakult Australia to its onion leak site on December 20th, while publicly threatening to leak 95.19 GB of data, which the group has now done.

The beverage maker  has notified the Australian Cyber Security Centre, the New Zealand National Cyber Security Centre, the Office of the Australian Information Commissioner, and the Office of the Privacy Commissioner New Zealand.

An important message tab on its website states it is “working with cyber incident experts to investigate the extent of the incident”.

- CyberBeat