Yakult Australia suffered a cyberattack executed by the DragonForce hacking group during the holiday season, resulting in a significant data breach. The attackers exfiltrated over 95GB of sensitive data, including business documents, credit applications, and employee records, which were later exposed on DragonForce’s Onion leak site on December 20. The breach was publicly disclosed after the group posted a threat detailing the compromised information. Yakult Australia acknowledged the incident and confirmed operational continuity while engaging cyber incident response experts and notifying Australian and New Zealand authorities for investigation and mitigation. The breach aligns with DragonForce’s history of targeting organizations like Ace Air Cargo and Kinetic Leasing, reinforcing the group’s persistent threat to corporate data security. The exposed employee records and business-sensitive documents pose risks of financial fraud, identity theft, and reputational damage, necessitating urgent containment measures.
TPRM report: https://www.rankiteo.com/company/yakult-australia-pty.-ltd.
"id": "yak2322123102825",
"linkid": "yakult-australia-pty.-ltd.",
"type": "Breach",
"date": "12/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Health & Wellness',
'location': 'Australia',
'name': 'Yakult Australia',
'type': 'Subsidiary (Food & Beverage)'}],
'customer_advisories': ['Official statement acknowledging the breach and '
'assuring operational stability'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Business documents',
'Credit applications',
'Employee records']},
'date_publicly_disclosed': '2023-12-20',
'description': 'Yakult Australia suffered a cyberattack leading to a data '
'breach during the holiday season. The breach, attributed to '
'the DragonForce group, exposed over 95GB of sensitive data, '
'including business documents, credit applications, and '
'employee records. The incident was disclosed on December 20 '
"via DragonForce's Onion leak site. Yakult Australia "
'acknowledged the breach, assured operational stability, and '
'engaged cyber incident experts while notifying authorities in '
'Australia and New Zealand for investigation and mitigation.',
'impact': {'brand_reputation_impact': 'Potential negative impact (not '
'quantified)',
'data_compromised': ['Business documents',
'Credit applications',
'Employee records'],
'identity_theft_risk': 'High (due to exposure of employee records '
'and credit applications)',
'operational_impact': "Stable (as per Yakult Australia's "
'statement)',
'payment_information_risk': 'High (credit applications '
'compromised)'},
'investigation_status': 'Ongoing (collaborative effort with authorities and '
'cyber experts)',
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'The Cyber Express'},
{'source': 'Cyble Research and Intelligence Labs (CRIL) – '
'Annual Threat Landscape Report 2023'}],
'regulatory_compliance': {'regulatory_notifications': ['Australian '
'authorities',
'New Zealand '
'authorities']},
'response': {'communication_strategy': ['Official statement released',
'Ongoing updates via media (The Cyber '
'Express)'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['Cyber incident experts']},
'threat_actor': 'DragonForce',
'title': 'Yakult Australia Data Breach by DragonForce Group',
'type': ['Data Breach', 'Cyberattack']}