Brisbane Accounting Firm Hit by Qilin Ransomware, Client Data Leaked
A Brisbane-based accounting firm, Kennedy McLaughlin & Associates, has confirmed a cyber incident after being listed on the darknet leak site of the Qilin ransomware operation. The breach, detected earlier this month, involved unauthorized access to part of the firm’s IT environment, with stolen data including financial details of several clients recently published online.
The company, which provides taxation, estate planning, and business advisory services, detected the intrusion in March but only saw the full dataset released in June. A spokesperson stated that immediate containment measures were taken, systems were restored, and cybersecurity experts were engaged to bolster defenses. The Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) have been notified, and affected individuals have been informed with guidance on protecting their information.
Qilin, a prolific ransomware-as-a-service (RaaS) group, has claimed 1,882 victims across 98 countries since 2022, making it one of the most active ransomware operations. Unlike some groups that publish data quickly, Qilin and its affiliates may delay leaks for months. In 2024 alone, the group has listed 17 Australian victims, including Melbourne-based Branded Products in May.
Kennedy McLaughlin, a registered tax agent with 21 staff, serves clients across industries such as property development, medical professions, and legal services. The firm has emphasized its commitment to security following the incident.
Kennedy McLaughlin & Associates cybersecurity rating report: https://www.rankiteo.com/company/kennedy-mclaughlin-&-associates
Branded Products® Global cybersecurity rating report: https://www.rankiteo.com/company/branded-products-australia
"id": "KENBRA1780035877",
"linkid": "kennedy-mclaughlin-&-associates, branded-products-australia",
"type": "Ransomware",
"date": "3/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Several clients',
'industry': 'Accounting, Taxation, Estate Planning, '
'Business Advisory',
'location': 'Brisbane, Australia',
'name': 'Kennedy McLaughlin & Associates',
'size': '21 staff',
'type': 'Accounting Firm'}],
'customer_advisories': 'Affected individuals informed with guidance on '
'protecting their information',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Financial details'},
'date_detected': '2024-03',
'date_publicly_disclosed': '2024-06',
'description': 'A Brisbane-based accounting firm, Kennedy McLaughlin & '
'Associates, has confirmed a cyber incident after being listed '
'on the darknet leak site of the Qilin ransomware operation. '
'The breach involved unauthorized access to part of the firm’s '
'IT environment, with stolen data including financial details '
'of several clients recently published online.',
'impact': {'data_compromised': 'Financial details of clients',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Part of the firm’s IT environment'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'post_incident_analysis': {'corrective_actions': 'Bolstered defenses'},
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Qilin'},
'references': [{'source': 'Cyber incident report'}],
'regulatory_compliance': {'regulatory_notifications': ['Australian Cyber '
'Security Centre '
'(ACSC)',
'Office of the '
'Australian '
'Information '
'Commissioner (OAIC)']},
'response': {'communication_strategy': 'Affected individuals informed with '
'guidance on protecting their '
'information',
'containment_measures': 'Immediate containment measures taken',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'No',
'remediation_measures': 'Systems restored',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'Qilin ransomware operation',
'title': 'Brisbane Accounting Firm Hit by Qilin Ransomware, Client Data '
'Leaked',
'type': 'Ransomware'}