New Zealand-based whitegoods manufacturer, Fisher and Paykel, has been hit by a ransomware attack.
Fisher and Paykel spokesperson, Andrew Luxmoore, said the incident occurred early last week and has impacted the company's manufacturing and distribution.
"The attempt was identified quickly and, as a result, we locked down our IT ecosystem immediately," Luxmoore told Information Age via email.
"We are currently working with third party experts to restore our systems and our ability to take and fulfil orders, as well as introducing additional security measures.
"We are one of many businesses that have been the subject of a global cyber-attack in recent months, and we are working closely with other businesses to understand how we can better protect ourselves from this type of criminal activity."
Nefilim, the name of the hacker group behind the attack, dropped an initial leak of Fisher and Paykel's corporate files on the dark web this week.
Referred to as "Part 1" on the Nefilim ‘Corporate Leaks’ site, the 424MB folder contains financial data like balance sheets, reviews, and budgets dating back to 2013.
The dark web site hosting Fisher and Paykel’s data leak is accessible via Tor and contains leaks from other Nefilim victims like Toll Group which was struck by the ransomware in early May.
Gradually leaking data is a key part of Nefilim's business model.
“This website will contain information that was downloaded from corporate networks that were breached and failed to negotiate with us,” the site’s 'About' page reads.
“The information will usually be leaked in parts, so the company has a chance to stop the leak before all the information is released.”
Last week, the second part of Toll Group’s data was uploaded to the site.
All of it related to the company's corporate relationship with South Korean tech giant, Samsung.
Aussie brewer gets hacked
Major Australian beverage company, Lion, was also hit with a cyber attack this week.
Lion owns major brands including XXXX Gold, James Squire, Dairy Farmers Milk, and the Daily Juice Company.
“We immediately shut down all our systems as a precaution, and we have continued to work with cyber experts to determine how much longer our systems will be impacted,” the company said in a statement.
“We are working through the impacts. There is no evidence to date of any data breaches, but we are still investigating every aspect of this major incident.”
Although the company offered reassurances that beer supplies won’t run out, it warned that the cyber attack has disrupted regular brewing.
“Throughout the COVID shutdown, we were able to continue to brew beer safely, meaning we have a good supply of product for the time being,” Lion said.
“This attack has impacted crucial aspects of the brewing process. We operate multiple large-scale breweries, which are heavily reliant on IT infrastructure.”
Lion was forced to revert to manual processes to maintain business continuity.
“We recognise that this is not perfect and it is impacting our customers. We are doing everything possible under the circumstances.”
Cybersecurity experts are warning Australian businesses to beware of the increasing cyber threats lurking online.
Tyler Moffit, an analyst with cyber firm Webroot, said the Lion attack was a “wakeup call” for retailers.
“More than ever, cyber resilience planning needs to be a key priority and integrated into every aspect of the business,” Moffit said.
“Companies successfully targeted by cyber attacks can be left feeling the effects of the disruption long after systems are restored, because it also impacts the brand’s reputation and consumer trust.
“From a reputation protection standpoint, being in the spotlight for data breaches is not at all good for business.”
