Aussizz Group Data Compromised in DragonForce Ransomware Attack

Incident Date:

April 21, 2024

World map

Overview

Title

Aussizz Group Data Compromised in DragonForce Ransomware Attack

Victim

Aussiz Group

Attacker

Dragonforce

Location

Melbourne, Australia

, Australia

First Reported

April 21, 2024

Ransomware Attack on Aussizz Group by DragonForce

Overview of the Attack

The Aussizz Group, a prominent migration and education consultancy based in Melbourne, Victoria, has reportedly fallen victim to a ransomware attack orchestrated by the cybercriminal group known as DragonForce. This incident involved the theft of approximately 278.91 GB of sensitive data.

Company Overview

Founded in 2009, Aussizz Group specializes in securing visas for Australia, New Zealand, and Canada. With a global presence, they boast over 55 Registered Migration Agents (RMAs) and 70 Qualified Education Agent Counsellors (QEACs), providing expert guidance in immigration and international education consulting.

Offering discounted PTE Exam Vouchers and Visa services, they've garnered praise from clients for their professionalism and expertise. Aussizz Group operates from multiple locations across Australia and internationally, with offices in India, Dubai, Hong Kong, and Canada.

Their commitment to integrity, innovation, and teamwork distinguishes them as a leader in the business services sector, with an employee base of 498 and an annual revenue of $22 million in 2024.

Vulnerabilities

Given its business nature, Aussizz Group handles a substantial amount of personal and sensitive information related to clients' immigration and educational details, making it a prime target for ransomware attacks like the one conducted by DragonForce. The large volume of data managed by the company, coupled with its global presence, increases its exposure to cyber threats.

About the Ransomware Group

DragonForce is known for its double extortion tactic, encrypting victims' data and threatening to release it if the ransom is not paid. Active since November 2023, the group targets various organizations across sectors. Their connection to the leaked ransomware builder from LockBit suggests a sophisticated level of technical abilities in their attack execution.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.