Australian equipment supplier data put up for sale online
The personal data of thousands of would-be Australians has allegedly been stolen after a malicious actor listed a customer database belonging to garage, office and gym equipment supplier LEE.
LEE is an Australian organization that sells garage lighting and other equipment, such as tool boxes, storage racks and gym equipment.
On September 20, 2024, a malicious actor called “joonas” claimed to sell a database containing 210,000 records from an LEE database.
Although the threat actor provided little to no information about what data was contained or how the incident occurred, a sampling of the stolen data released with the list suggests that names, phone numbers, cell phone, email addresses, residential addresses and other unspecified data were stolen.
It also appears that the list has not received much attention from other threat actors, as it contains no public responses from other users of the popular hacking forum. However, Cyber Daily was unable to verify whether the data was purchased by anyone. Additionally, there is no indication that the data was misused.
Cyber Daily attempted to contact LEE for further information or comment on the incident, but was unsuccessful.
This story is ongoing. Cyber Daily will provide an update as it develops.
Australian small businesses and organizations continue to be attacked by malicious actors, with last week the Abyss ransomware gang claiming to have stolen data from the Australian Nursing Home Foundation.
The Abyss ransomware gang listed the nonprofit on its dark web leak site, claiming to have stolen 1.5 terabytes of uncompressed data.
Once again, the threat group provided little to no details about the incident, other than that the data will be released on November 5.