Yakult Australia, the manufacturer of a popular probiotic milk drink, recently faced a cyber incident. The Yakult Cyber Incident has impacted both their IT systems in Australia and New Zealand.
The responsible party for the Yakult Cyber Incident is a cybercrime actor called DragonForce. It has claimed responsibility for the attack and has also leaked 95 GB of data belonging to Yakult.
Yakult, originally invented in Japan in 1935 and now widely sold globally, is a fermented and sweetened milk beverage containing live bacteria. It is consumed to promote healthy digestion and support the immune system.
Yakult Australia and New Zealand Divisions Affected by the Yakult Cyber Incident
Yakult Australia has confirmed on its website that it is investigating a cyber attack that occurred somewhere in mid-December.
David Whatley, Yakult Australia’s Director writes to Bleeping Computer:
“We first became aware of a cyber incident on the morning of the 15th of December,”.
“We cannot yet confirm the extent of the incident. We are working with cybersecurity experts to investigate the incident as a matter of urgency.”
“Our investigations are ongoing. Further updates will be provided as information becomes available.”
Despite the cyber incident affecting Yakult’s IT systems in both Australia and New Zealand, the company’s offices in both regions are still open and functioning. Notably, Yakult Australia’s website now displays an “important message” modal, which initially appeared blank but now contains the notice of the incident.
DragonForce Claims 95 Gigs of Data Dump from Yakult Cyber Attack
A cybercrime actor that calls itself ‘DragonForce‘ has taken responsibility for the incident and listed Yakult Australia to its onion leak site on December 20th, while publicly threatening to leak 95.19 GB of data, which the group has now done.
The data dump, according to the threat actor, contains “company database, contracts, passports and much more.”
A small portion of the leaked dump that appeared to contain several business documents, spreadsheets, credit applications made by Yakult Australia, employee records, and copies of identity documents such as passports.
With its slogan, “companies that refused to cooperate,” the DragonForce leak site (aka DragonLeaks) is indicative of the threat actor first attempting to extort its victims for payment. If the victims refuse, it publicly leaks assets and data stolen from these companies, much like other cybercriminal groups.
Not much information is currently known about ‘DragonForce’, which has listed 20 victims on its leak site thus far. The threat actor does not yet seem related to DragonForce Malaysia, a hacktivist group that has earlier targeted government agencies in the Middle East.