Cyber Attack on Charles Parsons: A Closer Look at the Ransomware Incident

Incident Date:

April 16, 2024

World map

Overview

Title

Cyber Attack on Charles Parsons: A Closer Look at the Ransomware Incident

Victim

Charles Parson

Attacker

Ra Group

Location

Redfern, Australia

, Australia

First Reported

April 16, 2024

Ransomware Attack on Charles Parsons: A Detailed Analysis

Company Profile

Charles Parsons & Co Pty Ltd, a prominent player in the textile and fabric industry, was founded in 1915 by Charles Leslie Parsons. This privately owned, fourth-generation family business is headquartered in Redfern, New South Wales, Australia. Specializing in a wide range of fabrics, the company caters to sectors including performance sportswear, school and corporate wear, and home textiles. As of 2024, Charles Parsons reported a revenue of $61 million and employed 110 staff members.

The company's official website serves as a portal for information about their products and is also used for posting job vacancies in various departments such as Supply Chain, Lab Operations, Marketing, Digital & Design in Sydney and Melbourne.

Attack Details

The RA Group, a ransomware syndicate known for using the leaked Babuk ransomware code, targeted Charles Parsons, leading to the exfiltration of 31 GB of sensitive data. This data included legal documents, financial records, customer information, and contract documents.

Why Charles Parsons Was Targeted

The company's significant data repositories, including sensitive financial and customer information, make it an attractive target for cybercriminals. The manufacturing sector, where Charles Parsons operates, is increasingly becoming a target for ransomware attacks due to the critical nature of its operations and the valuable data it holds. As it's important to mention that the visibility of their job vacancies and active recruitment might also have exposed them to increased cyber threats, potentially through phishing attacks aimed at HR processes.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.