Regis Resources: Exclusive: Victorian Catholic college suffers alleged cyber attack

**St Joseph’s College Echuca Listed on Lynx Ransomware Gang’s Dark Web Leak Site**

St Joseph’s College Echuca, a co-educational institution serving northern Victoria and southern NSW since 1886, was named on the dark web leak site of the Lynx ransomware gang on 5 January. The group claimed to have encrypted and breached the college’s network, though no proof of the incident was provided—a common tactic for this threat actor.

The college, which operates two campuses for students in years 7–12, has not responded to inquiries from Cyber Daily, leaving the status of the alleged attack unclear. Updates will be provided if the school issues a statement.

Lynx has recently targeted multiple Australian organisations, including Regis Resources, whose subsidiary McPhillamys Gold was also listed on the gang’s leak site on the same day. Regis Resources confirmed an incident in November 2025, stating that its cybersecurity systems detected and contained the intrusion before any data was exfiltrated or ransom demands were made. The company reported no operational or commercial impact and notified relevant authorities.

About Lynx Ransomware Gang
First active in July 2024, Lynx has claimed nearly 400 victims to date, according to Ransomware.live. The group claims to avoid targeting government institutions, hospitals, and non-profits, framing its operations as "ethical" and focused on financial gain rather than disruption. However, its recent activity suggests a growing interest in Australian entities.

Source: https://www.cyberdaily.au/security/13058-exclusive-victorian-catholic-college-suffers-alleged-cyber-attack

ReGIS cybersecurity rating report: https://www.rankiteo.com/company/regis

"id": "REG1767902749",
"linkid": "regis",
"type": "Cyber Attack",
"date": "1/2026",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"

{'affected_entities': [{'industry': 'Education',
                        'location': 'Echuca Moama region, northern Victoria '
                                    'and southern NSW, Australia',
                        'name': 'St Joseph’s College Echuca',
                        'type': 'Educational Institution'}],
 'data_breach': {'data_encryption': 'Claimed by threat actor'},
 'date_publicly_disclosed': '2025-01-05',
 'description': 'St Joseph’s College Echuca was listed on the dark web leak '
                'site of the Lynx ransomware gang on 5 January, with the group '
                'claiming to have encrypted and breached the organisation’s '
                'network. Lynx provided very little detail about the incident '
                'and failed to provide any proof of the incident.',
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Claimed by threat actor',
                'data_exfiltration': 'Claimed by threat actor',
                'ransomware_strain': 'Lynx'},
 'references': [{'date_accessed': '2025-01-05', 'source': 'Cyber Daily'},
                {'source': 'Ransomware.live'}],
 'threat_actor': 'Lynx ransomware gang',
 'title': 'St Joseph’s College Echuca Ransomware Incident',
 'type': 'Ransomware'}