Real estate giant LJ Hooker may be the latest victim in Australia's string of major data breaches, as a notable ransomware group claims to have stolen 375 gigabytes of employee and customer data.

The purportedly breached data is said to include passport information, social media account logins, credit card details and loans data.

The incident became public knowledge on 30 November when LJ Hooker Palm Beach appeared on the victim list of the infamous ransomware group, ALPHV, which claims to have downloaded a swathe of data from the companies' file server.

ALPHV has already published apparent passport details of staff members on the dark web, as well as some profit and loss statements and a property sale contract.

The ransomware gang claims to have accessed further "internal company data", which could include employee and customer IDs, financial data, credit card details and "more".

ALPHV's blog post also included a screenshot of apparently breached username and passwords for a range of services.

LJ Hooker, which employs at least 6,000 people according to its website, is yet to release a public statement regarding the alleged data theft, but sources indicate the incident may be isolated to a Palm Beach franchise in New South Wales.

In a statement made to VICE, an LJ Hooker spokesperson confirmed at least one of its offices had suffered a data breach and that the company is still working to "get a hold" on the scope of the breach.

Information Age reached out to LJ Hooker for comment on the ransomware group's claims but has yet to receive a response.

Who is ALPHV?

ALPHV, otherwise known as "BlackCat", is a Russia-linked ransomware group which gained notoriety for its alleged undertaking of the 2021 cyber attack against Colonial Pipeline, one of the United States' largest and most vital oil pipelines.

The group reportedly extorted a $6.5 million ($US4.4 million) ransom following the massive attack, and since then it has claimed responsibility for a multitude of other significant cyber incidents.

The Australian Cyber Security Centre notes increased activity from ALPHV compared to other ransomware variants in 2022, and says ALPHV is "targeting government and critical infrastructure organisations" as well as energy, finance and other sectors.

ALPHV's purported attack against LJ Hooker arrives amid an ongoing wave of cyber crime against Australian companies over the past three months.

Following Optus' landmark September data breach which reportedly exposed 9.8 million customer records, Australian organisations large and small have been inundated by a slew of unrelenting cyber attacks.

The Medibank data breach of October – which is also said to be linked to Russian hackers – saw a similar exposure of passport information (among other data) at the hands of a ransomware group.

Other Australian organisations that have suffered cyber incidents since September include telecommunications giant Telstra, online wine seller Vinomofo, pathology business Medlab Pathology, and children's charity The Smith Family.

This influx of data theft and ransom activity recently prompted new legislation in Parliament, increasing fines against companies for "serious or repeated" privacy breaches to $50 million.

The LJ Hooker incident is the most notable data breach to occur since the new legislation passed Parliament on 28 November.

The real estate giant is reportedly taking steps to protect its customers' data from another breach, and has "notified the relevant government cyber and data bodies."