Hazeldenes, one of the largest poultry farms in Australia, has been dealing with the aftermath of a cyberattack attack by DragonForce, an infamous cybercriminal group, since mid-February this year. The breach initially forced the company to pause operations as its systems went offline. The saga appears to be coming to a close, with nearly 80GB of Hazeldenes’ company data now published on the darknet.
A Little About DragonForce
First appearing in 2023, DragonForce emerged as a group involved in hacktivism, organized cybercrime, and ransomware as a service. Its exact location is unclear, though some reports suggest it evolved from a Malaysian hacktivist group. DragonForce has been linked to numerous high-profile cyberattacks, reportedly causing hundreds of millions in damages. Extorting companies and publishing stolen data is routine for the group, and Hazeldenes is far from an isolated case. As of writing, at least 13 other companies are reportedly being actively extorted, with countdowns to the release of their data on DragonForce’s onion service.
The Hazeldenes Saga
The attack was first reported on 19 February. Its immediate impact included a shutdown of the company’s Wi-Fi systems across its premises. In fact, employees had reported login issues and abnormal system behavior a week before the attack was officially discovered, suggesting that the attackers had a significant head start. The disruptions led to short-term chicken shortages in parts of Australia, leaving some businesses without meat.
Hazeldenes quickly acknowledged the attack, stating that they were working to assess the full impact and fully restore operations. The company also apologized for any disruptions caused. However, Hazeldenes did not immediately disclose the full extent of the breach or identify the attackers, and there were indications that foul play was suspected, which may explain the Wi-Fi system shutdown.
The Full Extent
On 11 March, DragonForce published 80GB of stolen Hazeldenes data on their darknet portal. The leaked data includes corporate documents, agreements, logs, and even employee information. Hazeldenes acknowledged the breach after reportedly discovering it through “routine darknet monitoring”. The company stated, “Hazeldenes would like to assure our community that we are taking all appropriate steps in response to this situation to protect our stakeholders who may be impacted by the incident”.
Conclusion
Hazeldenes is yet another victim in the rapidly growing list of targeted companies. In today’s environment, any unsecured piece of infrastructure is effectively inviting trouble. Some details about the attack remain unclear, including exactly how the company was compromised and whether the hackers demanded a ransom, or how much, before publishing the data.
0 Comments