Followmont Transport

Summary

In October 2024, Queensland-headquartered transport company Followmont Transport discovered unauthorised access to its systems, which was later claimed by the Akira ransomware gang in mid-November. The attackers alleged they stole 230 gigabytes of data including NDAs, passports, driver licenses, medical documents, and detailed financial information. Followmont operates a fleet of over 1,000 vehicles with almost 1,000 employees serving major customers including Australia Post, Mitre 10, Dulux, and Repco. The company notified ACSC and OAIC while maintaining full operational capability.

What Happened

Followmont Transport became aware of unauthorised access to their systems in October 2024. In mid-November, the Akira ransomware gang listed the company on its dark web leak site claiming to have exfiltrated 230 gigabytes of data including non-disclosure agreements, identity documents (passports, driver licenses), medical records, and comprehensive financial information.

##Impact on Individuals

The breach potentially affected Followmont's nearly 1,000 employees whose passports, driver licenses, and medical documents were allegedly compromised. The exposure of identity documents and medical records created identity theft and privacy violation risks.

Organisational Response

Followmont notified ACSC and OAIC immediately upon discovering the breach. The company's systems remained fully operational, and they continued monitoring for further unauthorized activity. Followmont stated they were working to verify the claims and would contact affected parties if information had been accessed.