Australia Seasons Apartment group data published on the dark web

The ransomware crime group LockBit 3.0 has published data obtained from a compromised system of Seasons Darling Harbour, which is part of the Seasons Apartment Hotel Group. The company had been given a ransom payment deadline of September 2, and the data was uploaded shortly after this deadline had passed.

Although LockBit identifies Seasons Darling Harbour as the victim, the data appears to include documents related to the operations of all four Seasons  group properties, namely Seasons Heritage Melbourne and Seasons Botanical Gardens in Melbourne, Seasons of Perth, and Seasons Darling Harbour in Sydney. Additionally, data from Seasons Harbour Plaza in Sydney and documents from Seasons International Management in Perth are also included in the posted data.

The leaked data primarily consists of financial information, including various accounts and invoices. While there is limited customer information, such as an invoice to Travelscape (a subsidiary of Expedia) listing some customers and the duration of their stays, it seems that no customer credit card details or significant personally identifiable information were part of the leak. However, the leak did contain banking details of some staff from Seasons Harbour Plaza dating back to 2016.

Furthermore, the data includes numerous invoices from third-party suppliers, complete with company letterheads, account details, and contact information. It also contains cash flow data, other business information, and a small amount of CCTV footage. The leaked documents date from as early as 2011 up to 2023.

No details are available as to the nature of the attack nor a systemic information of affected individuals.