• Home
  • cyber
  • Zirilio and Equestrian Australia: Embattled Olympic sport hit with legal action over ‘cyberattack’
cyber Cyber Attack

Zirilio and Equestrian Australia: Embattled Olympic sport hit with legal action over ‘cyberattack’

Dec 5, 2025 2 min read
Zirilio and Equestrian Australia: Embattled Olympic sport hit with legal action over ‘cyberattack’

Equestrian Australia Faces Legal Fallout Over Alleged Unauthorized Cyberattack

Equestrian Australia, the governing body for Olympic equestrian disciplines, is embroiled in a legal dispute over a 2024 cybersecurity penetration test that allegedly exceeded agreed boundaries. Former digital services provider Lloyd Raleigh, whose company Nominate Pty Ltd managed the federation’s member database and horse registration portal for a decade, is suing both Equestrian Australia and Sydney-based cybersecurity firm Zirilio (operating as Allstars Trading Pty Ltd).

The lawsuit stems from a January 2024 penetration test, during which Raleigh permitted Zirilio to bypass a firewall to assess system vulnerabilities. However, court documents allege the test went beyond its scope, with 19,131 unauthorized attacks targeting Raleigh’s server on URLs outside the agreed parameters. Raleigh claims the incident constituted a breach of contract and incurred $141,756.06 in forensic examination costs.

Equestrian Australia has denied the allegations, stating it was unaware of any unauthorized access and did not approve Zirilio’s actions. The federation, which receives $6 million annually in federal high-performance funding, also disputed Raleigh’s need for external forensic analysis, calling some claims "vague and embarrassing." Zirilio has yet to file a defense, and Raleigh’s legal team has requested a default judgment against the firm.

The legal battle adds to Equestrian Australia’s ongoing turmoil, which includes a board revolt, an Australian Sports Commission-ordered review led by integrity expert Iain Roy, and financial losses of $1.2 million over two years. Three directors, including former chairman Zac Miles, have already resigned, while three others Rhett Oliver, Stephanie Lyons, and Maggie Hundertmark face removal at a special general meeting on December 12, 2025. Oliver, a partner at law firm Colin Biggers & Paisley, is handling the federation’s legal response.

The case highlights tensions between Equestrian Australia, its former IT provider, and the cybersecurity firm, amid broader governance and financial challenges in the sport.

Source: https://www.smh.com.au/sport/embattled-olympic-sport-hit-with-legal-action-over-cyberattack-20251205-p5nl54.html

Equestrian Australia cybersecurity rating report: https://www.rankiteo.com/company/equestrian-australia

ZIRILIO cybersecurity rating report: https://www.rankiteo.com/company/zirilio

"id": "EQUZIR1774009900",
"linkid": "equestrian-australia, zirilio",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Sports/Governance',
                        'location': 'Australia',
                        'name': 'Equestrian Australia',
                        'type': 'Sports Federation'},
                       {'industry': 'IT/Technology',
                        'location': 'Australia',
                        'name': 'Nominate Pty Ltd',
                        'type': 'Digital Services Provider'}],
 'attack_vector': 'Unauthorized penetration testing',
 'date_detected': '2024-01',
 'description': 'Equestrian Australia is facing a legal dispute over a 2024 '
                'cybersecurity penetration test that allegedly exceeded agreed '
                'boundaries, leading to unauthorized attacks on its former '
                "digital services provider's server. The incident has resulted "
                'in a lawsuit and significant forensic examination costs.',
 'impact': {'brand_reputation_impact': 'Governance and financial turmoil',
            'financial_loss': '141756.06',
            'legal_liabilities': 'Lawsuit, potential default judgment',
            'operational_impact': 'Legal dispute, forensic examination '
                                  'required',
            'systems_affected': 'Member database and horse registration '
                                'portal'},
 'investigation_status': 'Ongoing legal dispute',
 'motivation': 'Contractual dispute, alleged breach of scope',
 'post_incident_analysis': {'root_causes': 'Alleged unauthorized penetration '
                                           'testing beyond agreed scope'},
 'references': [{'source': 'Court documents'}],
 'regulatory_compliance': {'legal_actions': 'Lawsuit, potential default '
                                            'judgment'},
 'response': {'third_party_assistance': 'Forensic examination'},
 'threat_actor': 'Zirilio (Allstars Trading Pty Ltd)',
 'title': 'Equestrian Australia Legal Dispute Over Alleged Unauthorized '
          'Cyberattack',
 'type': 'Penetration Test Exceeding Scope',
 'vulnerability_exploited': 'Firewall bypass'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.