Hudson Civil Engineering

Summary

Hudson Civil Engineering, a Launceston-based Tasmanian engineering firm, was targeted by the RansomHub ransomware gang in August 2024. The attackers claimed to have stolen 112 gigabytes of data and threatened to release it on their darknet leak site. The attack was announced on 7 August 2024 as part of a broader campaign by RansomHub targeting Australian engineering firms.

What Happened

The RansomHub ransomware gang breached Hudson Civil Engineering's systems and exfiltrated 112GB of data. The gang posted details on their darknet leak site on 7 August, giving the company approximately one week before threatening to release the stolen data publicly. This attack was part of a coordinated campaign targeting multiple Australian engineering firms during August 2024, with RansomHub conducting at least 21 attacks globally that month.

Impact on Individuals

The breach exposed business and employee information. Affected individuals should monitor for phishing attempts and be alert for business email compromise scams targeting company contacts and customers. The exposure of business data could also impact commercial relationships and competitive positioning.

Organisational Response

Hudson Civil Engineering is described on its website as "Tasmania's leading manufacturer and supplier of infrastructure products to the civil construction, irrigation, water/wastewater, mining, building, development and rural sectors." The company operates offices in Launceston (headquarters), Hobart, and Devonport. RansomHub operates using an affiliate model where the gang collects 10 percent of extorted profits while criminal affiliates carry out the actual attacks.