Yakult Australia Admits to Devastating Cyber Attack: 95 GB Data Breach Confirmed

Yakult Australia, the company behind the popular probiotic milk drink, has experienced a “cyber incident” affecting both its Australian and New Zealand IT systems. Cybercrime actor DragonForce has claimed responsibility for the attack and has leaked 95 GB of data, allegedly belonging to the company.

For those unfamiliar with Yakult, it’s a fermented and sweetened milk beverage with live bacteria, invented in 1935 in Japan. The drink is consumed worldwide to support digestion and the immune system.

Yakult Australia, New Zealand impacted by “cyber incident”

Yakult Australia confirmed to us that they were investigating a cyber attack that took place in mid-December. David Whatley, Yakult Australia’s Director, explained that they first became aware of the incident on the morning of December 15th. The company is currently working with cybersecurity experts to investigate the extent of the incident.

As of now, the company cannot confirm exactly how the attack occurred and is continuing with its investigation. They have assured that further updates will be provided as more information becomes available.

Although the IT systems in both Australia and New Zealand were affected, the offices in these regions remain open and operational. We also noticed that Yakult Australia’s website now displays an incident notice.

DragonForce claims responsibility, leaks 95 GB of data

A cybercrime actor known as ‘DragonForce’ has claimed responsibility for the incident. They listed Yakult Australia on their onion leak site on December 20th and publicly threatened to leak 95.19 GB of data, which they have now done.

According to the threat actor, the data dump contains “company database, contracts, passports, and much more.” We analyzed a small portion of the leaked data and found that it appeared to contain several business documents, spreadsheets, credit applications made by Yakult Australia, employee records, and copies of identity documents such as passports.

DragonForce’s leak site (aka DragonLeaks) has a slogan that reads “companies that refused to cooperate.” This indicates that the threat actor likely attempted to extort payment from its victims before publicly leaking their stolen assets and data, much like other cybercriminal groups.

Not much is currently known about ‘DragonForce.’ They have listed 20 victims on their leak site so far and don’t seem to be related to DragonForce Malaysia, a hacktivist group that has targeted government agencies in the Middle East in the past.

Don’t let this happen to your business! As a cybersecurity expert, I cannot emphasize enough the importance of investing in robust cybersecurity measures to protect your company’s valuable data and reputation. Contact us and keep coming back to learn more about how you can safeguard your business from cyber threats.