Yakult Cyber Incident Leads to 95 GB Data Leak – DragonForce Claims the Cyber Attack

Written by Gabby Lee

December 27, 2023

Yakult Cyber Incident Leads to 95 GB Data Leak – DragonForce Claims the Cyber Attack

Yakult Australia, the manufacturer of a popular probiotic milk drink, recently faced a cyber incident. The Yakult Cyber Incident has impacted both their IT systems in Australia and New Zealand.

The responsible party for the Yakult Cyber Incident is a cybercrime actor called DragonForce. It has claimed responsibility for the attack and has also leaked 95 GB of data belonging to Yakult.

Yakult, originally invented in Japan in 1935 and now widely sold globally, is a fermented and sweetened milk beverage containing live bacteria. It is consumed to promote healthy digestion and support the immune system.

Yakult Australia and New Zealand Divisions Affected by the Yakult Cyber Incident

Yakult Australia and New Zealand Divisions Affected by the Yakult Cyber Incident

Yakult Australia has confirmed on its website that it is investigating a cyber attack that occurred somewhere in mid-December.

David Whatley, Yakult Australia’s Director writes to Bleeping Computer:

“We first became aware of a cyber incident on the morning of the 15th of December,”.

“We cannot yet confirm the extent of the incident. We are working with cybersecurity experts to investigate the incident as a matter of urgency.”

Yakult is hasn’t yet confirmed how exactly the cyber incident occurred.

“Our investigations are ongoing. Further updates will be provided as information becomes available.”

Despite the cyber incident affecting Yakult’s IT systems in both Australia and New Zealand, the company’s offices in both regions are still open and functioning. Notably, Yakult Australia’s website now displays an “important message” modal, which initially appeared blank but now contains the notice of the incident.

Yakult Australia and New Zealand Divisions Affected by the Yakult Cyber Incident

DragonForce Claims 95 Gigs of Data Dump from Yakult Cyber Attack

A cybercrime actor that calls itself ‘DragonForce‘ has taken responsibility for the incident and listed Yakult Australia to its onion leak site on December 20th, while publicly threatening to leak 95.19 GB of data, which the group has now done.

The data dump, according to the threat actor, contains “company database, contracts, passports and much more.”

A small portion of the leaked dump that appeared to contain several business documents, spreadsheets, credit applications made by Yakult Australia, employee records, and copies of identity documents such as passports.

With its slogan, “companies that refused to cooperate,” the DragonForce leak site (aka DragonLeaks) is indicative of the threat actor first attempting to extort its victims for payment. If the victims refuse, it publicly leaks assets and data stolen from these companies, much like other cybercriminal groups.

Not much information is currently known about ‘DragonForce’, which has listed 20 victims on its leak site thus far. The threat actor does not yet seem related to DragonForce Malaysia, a hacktivist group that has earlier targeted government agencies in the Middle East.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

 

Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!