What organization experienced a ransomware attack?

Compass Group Australia, the largest food and support services provider in the country, experienced a ransomware attack orchestrated by the Medusa ransomware gang.

When was the ransomware attack on Compass Group Australia discovered?

The attack was discovered on September 4, 2024.

Who is responsible for the ransomware attack on Compass Group Australia?

The Medusa ransomware gang is responsible for the attack.

What ransom demands were made by the attackers?

The attackers demanded US$2 million to prevent the release of the stolen data or to purchase it. The ransom deadline can be extended by one day for an additional US$100,000.

What type of documents have been published by the Medusa gang?

Medusa has published several documents, including wage declarations of Compass Group employees, scans of international passports, driver’s licenses (possibly belonging to contractors), and various other internal documents.

What actions has Compass Group taken in response to the ransomware attack?

Compass Group activated its incident response plan, engaged forensic experts, disabled affected systems to contain the threat, and notified employees, clients, and suppliers. They are working with the Australian Cyber Security Centre and the Office of the Australian Information Commissioner.

Is the number of affected individuals disclosed?

No, the number of affected individuals has not been disclosed.

Incident

Sydney-based Compass Group reports ransomware attack

Q: How much data was stolen in the Compass Group Australia ransomware attack?

The attackers claim to have stolen 785.5 gigabytes of data.

Q: Has Compass Group provided guidance to employees?

Yes, Compass Group has provided guidance to employees concerned about the security of their personal information.

published: Sept. 18, 2024

Learn More

Compass Group Australia, headquartered in McMahons Point, is reporting it has fallen victim to a ransomware attack orchestrated by the Medusa ransomware gang.

Compass Group Australia, a subsidiary of the UK-based Compass Group, is the country's largest food and support services provider.

The intrusion was discovered by Compass Group on September 4, 2024, leading to the activation of the company’s incident response plan. Forensic experts were engaged, and affected systems were disabled to contain the threat.

The attackers claim to have stolen 785.5 gigabytes of data and are threatening to release it within eight days unless a ransom of US$2 million is paid. The same amount is demanded for anyone wishing to purchase the stolen data. The ransom deadline can also be extended by one day for an additional payment of US$100,000.

Medusa has already published several documents allegedly stolen during the attack, including:

Wage declarations of Compass Group employees
Scans of international passports
Driver’s licenses (possibly belonging to contractors)
Various other internal documents

The number of affected individuals is not disclosed.

Compass Group has since notified employees, clients, and suppliers about the breach and is working closely with the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Compass Group has provided guidance to employees concerned about the security of their personal information.

Sydney-based Compass Group reports ransomware attack

Read More
Snatch ransomware gang claims hacking of Malabar Gold …
Air Canada reports data breach, exposed employee data
Ridgefield Public Schools hit by ransomware attack, network …
Thai department store operator The 1 Co reports …
Greenville municipality hit by ransomware attack