Hudson Civil Engineering Hit by RansomHub in Major Data Breach

Incident Date:

August 7, 2024

World map

Overview

Title

Hudson Civil Engineering Hit by RansomHub in Major Data Breach

Victim

Hudson Civil Engineering

Attacker

Ransomhub

Location

Prospect Vale, Australia

, Australia

First Reported

August 7, 2024

RansomHub Targets Hudson Civil Engineering in Ransomware Attack

Hudson Civil Engineering, a key player in Tasmania's civil construction and supply industry, has been targeted by the ransomware group RansomHub. The attack, announced on August 7, 2024, involves the exfiltration of 112 gigabytes of data, with a threat to release the stolen information on RansomHub's darknet leak site within a week.

About Hudson Civil Engineering

Hudson Civil Engineering, officially registered as Hudson Civil Pty Ltd, is a prominent manufacturer and supplier of infrastructure products in Tasmania, Australia. The company specializes in civil and commercial plumbing supplies, precast concrete products, and innovative infrastructure solutions. With over 40 years of industry experience, Hudson Civil Engineering operates from offices in Launceston, Hobart, and Devonport, employing a skilled workforce dedicated to delivering high-quality products and services.

What Makes Hudson Civil Engineering Stand Out

Hudson Civil Engineering is renowned for its comprehensive range of products and services, including the innovative MassBloc® system, a modular retaining wall solution favored for its ease of installation and versatility. The company's commitment to quality and innovation, coupled with a knowledgeable team, positions it as a vital partner for various construction projects across Tasmania.

Attack Overview

RansomHub claims to have exfiltrated 112 gigabytes of data from Hudson Civil Engineering, with a deadline of just over three days before the potential data release. The ransomware group has provided minimal details about the breach, only referencing a brief description of the company's business from its website. Hudson Civil Engineering has not yet commented on the incident.

About RansomHub

RansomHub is a ransomware-as-a-service (RaaS) group that has been active since February 2022. The group operates with affiliates receiving 90% of the ransom money, while the main group retains 10%. RansomHub's ransomware strains are written in Golang, a relatively new trend in the ransomware world. The group has targeted nearly 90 victims to date, including healthcare institutions and companies across various countries.

Potential Vulnerabilities

Hudson Civil Engineering's significant role in Tasmania's infrastructure sector makes it an attractive target for ransomware groups like RansomHub. The company's extensive data and operational dependencies on digital systems may have presented vulnerabilities that the attackers exploited. The specifics of how RansomHub penetrated Hudson Civil Engineering's systems remain unclear, but the incident underscores the importance of vigilant cybersecurity measures.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.