R.I.C Publications: Exclusive: Aussie educational publisher R.I.C Publications investigating breach after customer data published online

R.I.C Publications: Exclusive: Aussie educational publisher R.I.C Publications investigating breach after customer data published online

Cybersecurity Breach: Hacker Leaks Data of 116,000 R.I.C Publications Customers

A Western Australian educational publisher, R.I.C Publications, is investigating a data breach after a threat actor known as "2019" published what they claim is the purchasing data of over 116,000 customers. The leaked dataset, shared on a hacking forum on June 4, includes full names, email addresses, phone numbers, street and IP addresses, order details, and school names.

The breach was first disclosed when 2019 a prolific hacker targeting Australian organizations posted a sample of the records, offering the full dataset for free to forum members who engaged with the original post. As of now, the post has received 22 replies, with some users acknowledging the leak.

R.I.C Publications confirmed the incident, stating that it is actively investigating both the data leak and a separate issue involving unauthorized emails sent to customers on May 30, 2026. The company has found no evidence of further system compromise and confirmed that payment information was not exposed. However, as a precaution, it is advising stakeholders to watch for phishing attempts or scam calls.

The publisher, which supplies educational resources across Australia, the UK, Ireland, South Africa, Malaysia, and New Zealand, is working with cybersecurity experts and authorities to address the breach. A spokesperson emphasized that the company is prioritizing the investigation and reviewing its security measures.

2019, the threat actor behind the breach, has been active since early 2026, with 35 leak posts primarily targeting Australian entities, though victims have also included organizations in the U.S., UAE, France, and Italy. This incident follows a pattern of high-profile breaches linked to the same hacker, including previous attacks on Centrelink and the Melbourne International Film Festival.

Source: https://www.cyberdaily.au/security/13728-exclusive-aussie-educational-publisher-r-i-c-publications-investigating-breach-after-customer-data-published-online

R.I.C. Publications cybersecurity rating report: https://www.rankiteo.com/company/r.i.c.-publications

"id": "R.I1781144635",
"linkid": "r.i.c.-publications",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '116,000',
                        'industry': 'Education',
                        'location': 'Western Australia',
                        'name': 'R.I.C Publications',
                        'type': 'Educational Publisher'}],
 'attack_vector': 'Unknown',
 'customer_advisories': 'Advising customers to watch for phishing attempts or '
                        'scam calls',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '116,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (Personally Identifiable '
                                        'Information)',
                 'type_of_data_compromised': ['Full names',
                                              'Email addresses',
                                              'Phone numbers',
                                              'Street addresses',
                                              'IP addresses',
                                              'Order details',
                                              'School names']},
 'date_detected': '2026-06-04',
 'date_publicly_disclosed': '2026-06-04',
 'description': 'A Western Australian educational publisher, R.I.C '
                'Publications, is investigating a data breach after a threat '
                "actor known as '2019' published what they claim is the "
                'purchasing data of over 116,000 customers. The leaked dataset '
                'includes full names, email addresses, phone numbers, street '
                'and IP addresses, order details, and school names.',
 'impact': {'brand_reputation_impact': 'Potential impact due to data leak',
            'data_compromised': 'Full names, email addresses, phone numbers, '
                                'street and IP addresses, order details, '
                                'school names',
            'identity_theft_risk': 'High',
            'payment_information_risk': 'None (payment information not '
                                        'exposed)'},
 'investigation_status': 'Active',
 'motivation': 'Data Exfiltration',
 'post_incident_analysis': {'corrective_actions': 'Reviewing security '
                                                  'measures'},
 'references': [{'date_accessed': '2026-06-04', 'source': 'Hacking Forum'}],
 'response': {'communication_strategy': 'Advising stakeholders to watch for '
                                        'phishing attempts or scam calls',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': 'Reviewing security measures',
              'third_party_assistance': 'Cybersecurity experts and '
                                        'authorities'},
 'stakeholder_advisories': 'Advising stakeholders to watch for phishing '
                           'attempts or scam calls',
 'threat_actor': '2019',
 'title': 'Cybersecurity Breach: Hacker Leaks Data of 116,000 R.I.C '
          'Publications Customers',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.