RansomHouse Claims Breach of Australian Chemical Manufacturer Vicchem
On 23 October, the ransomware group RansomHouse listed Vicchem a Coolaroo-based manufacturer of industrial and agricultural chemicals, also known as the Victorian Chemical Company on its darknet leak site. The hackers allege they exfiltrated an undisclosed volume of sensitive data and have threatened to publish it unless contacted by the company.
In a post on their leak site, RansomHouse accused Vicchem’s IT department of attempting to conceal the breach, stating: “We were waiting for you for quite some time, but it seems that your IT department decided to conceal the incident.” The group urged Vicchem to engage with them to prevent the release of confidential data, including employee passport scans, invoices, banking documents, budget reports, and payroll records, samples of which were included in an evidence pack.
RansomHouse has not yet disclosed a ransom demand or deadline but employs double extortion tactics, both encrypting victims’ systems and stealing data to maximize pressure. Their typical ransom note warns: “The security of your IT perimeter has been compromised… We encrypted your workstations and servers to make the fact of the intrusion visible and to prevent you from hiding critical data leaks.”
Active since mid-2021, RansomHouse has claimed 150 victims at a rate of roughly one attack every 50 days. Notable targets include German brewer Oettinger, the Colombian government, and semiconductor firm AMD. Vicchem appears to be the group’s first confirmed Australian victim.
Vicchem has not responded to requests for comment. The incident underscores the ongoing threat posed by ransomware groups targeting critical industries, particularly those handling sensitive operational and financial data.
Source: https://www.cyberdaily.au/security/12863-exclusive-vicchem-hit-by-alleged-ransomware-attack
VICCHEM cybersecurity rating report: https://www.rankiteo.com/company/vicchem
"id": "VIC1772195353",
"linkid": "vicchem",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Industrial and agricultural chemicals',
'location': 'Coolaroo, Australia',
'name': 'Vicchem (Victorian Chemical Company)',
'type': 'Company'}],
'data_breach': {'data_encryption': True,
'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Employee passport scans',
'Invoices',
'Banking documents',
'Budget reports',
'Payroll records']},
'date_publicly_disclosed': '2023-10-23',
'description': 'On 23 October, the ransomware group RansomHouse listed '
'Vicchem, a Coolaroo-based manufacturer of industrial and '
'agricultural chemicals, also known as the Victorian Chemical '
'Company, on its darknet leak site. The hackers allege they '
'exfiltrated an undisclosed volume of sensitive data and have '
'threatened to publish it unless contacted by the company. '
'RansomHouse accused Vicchem’s IT department of attempting to '
'conceal the breach and urged them to engage to prevent the '
'release of confidential data, including employee passport '
'scans, invoices, banking documents, budget reports, and '
'payroll records.',
'impact': {'data_compromised': 'Employee passport scans, invoices, banking '
'documents, budget reports, payroll records',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain (extortion)',
'ransomware': {'data_encryption': True,
'data_exfiltration': True,
'ransomware_strain': 'RansomHouse'},
'references': [{'date_accessed': '2023-10-23',
'source': 'RansomHouse darknet leak site'}],
'threat_actor': 'RansomHouse',
'title': 'RansomHouse Claims Breach of Australian Chemical Manufacturer '
'Vicchem',
'type': 'Ransomware'}