Australian hydraulics and processing company Aussie Fluid Power (AFP) suffered a cybersecurity breach attributed to the Anubis ransomware group, which claimed responsibility and published stolen data on the dark web. The attackers allegedly accessed a *limited number of IT systems* without authorization, exfiltrating accounting files, contracts, and confidential company documents. While AFP’s investigation is ongoing with support from external forensic specialists early findings suggest business information may have been compromised, though no evidence yet confirms exposure of sensitive employee, customer, or supplier data.The company has notified the Australian Cyber Security Centre (ACSC) and relevant authorities, while implementing additional security measures to mitigate further risks. The Anubis group, operating as a ransomware-as-a-service (RaaS), has escalated pressure by contacting regulatory bodies and offering *exclusive access* to the stolen data a tactic to coerce ransom payments. AFP has informed partners and customers but maintains that critical operational systems remain unaffected.This incident underscores persistent vulnerabilities in Australia’s industrial and mid-sized enterprises, which are increasingly targeted by ransomware actors, posing risks to the nation’s critical supply chains. The breach’s full scope, including potential data leaks or financial/reputational damage, remains under assessment.
TPRM report: https://www.rankiteo.com/company/aussie-fluid-power
"id": "aus5294452102025",
"linkid": "aussie-fluid-power",
"type": "Ransomware",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': ['hydraulics',
'processing',
'industrial supply chain'],
'location': 'Australia',
'name': 'Aussie Fluid Power (AFP)',
'size': 'mid-sized enterprise',
'type': 'private company'}],
'customer_advisories': True,
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['accounting files',
'contracts',
'confidential documents'],
'personally_identifiable_information': 'under investigation '
'(potential '
'employee/customer/supplier '
'data)',
'sensitivity_of_data': ['confidential company documents',
'accounting files',
'contracts'],
'type_of_data_compromised': ['business information',
'potentially sensitive '
'employee/customer/supplier '
'data']},
'description': 'Australian hydraulics and processing company Aussie Fluid '
'Power (AFP) confirmed a cybersecurity breach after the Anubis '
'ransomware group claimed responsibility for an attack on its '
'systems and published stolen data on the dark web. The '
'company is investigating the incident with external forensic '
'specialists to assess the scope and potential compromise of '
'sensitive employee, customer, or supplier data. The Anubis '
'group alleged it obtained accounting files, contracts, and '
'confidential company documents, and is pressuring AFP by '
"offering 'exclusive access' to the stolen data. AFP has "
'notified the Australian Cyber Security Centre (ACSC) and '
'relevant authorities, implemented additional security '
'measures, and informed partners and customers. No evidence '
'yet suggests critical operational systems were affected.',
'impact': {'brand_reputation_impact': 'potential reputational damage due to '
'public disclosure and dark web data '
'leak',
'data_compromised': ['accounting files',
'contracts',
'confidential company documents'],
'operational_impact': 'no evidence of critical operational systems '
'affected (as of current investigation)',
'systems_affected': ['limited number of IT systems']},
'initial_access_broker': {'data_sold_on_dark_web': ['stolen data published on '
'Anubis leak site',
'exclusive access offered '
'to third parties'],
'high_value_targets': ['accounting files',
'contracts',
'confidential documents']},
'investigation_status': 'ongoing (early findings suggest business information '
'accessed; full scope under assessment by forensic '
'specialists)',
'motivation': ['financial gain (ransom pressure)',
'data exfiltration for leverage'],
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Anubis'},
'references': [{'source': 'CyberDaily'}],
'regulatory_compliance': {'regulatory_notifications': ['Australian Cyber '
'Security Centre '
'(ACSC)',
'relevant '
'authorities']},
'response': {'communication_strategy': ['notified partners and customers',
'public statement via CyberDaily',
'ongoing updates planned'],
'enhanced_monitoring': True,
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'remediation_measures': ['additional security measures',
'enhanced system monitoring'],
'third_party_assistance': ['external forensic specialists']},
'stakeholder_advisories': ['partners and customers notified'],
'threat_actor': 'Anubis ransomware group (RaaS operation)',
'title': 'Aussie Fluid Power (AFP) Ransomware Attack by Anubis Group',
'type': ['ransomware', 'data breach']}