This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Kempe Engineering

Summary

Kempe Engineering, a Geelong-based specialist engineering firm, was targeted by the RansomHub ransomware gang in a major attack that resulted in the theft of approximately 4 terabytes of data. The gang listed the company on its darknet leak site on 7 August 2024, claiming to have exfiltrated financial records, customer data, internal emails, and proprietary business information. RansomHub subsequently published 40 discrete folders of stolen data.

What Happened

The RansomHub ransomware gang breached Kempe Engineering's network and exfiltrated an unprecedented 4TB of sensitive data, making this one of the largest data thefts in the gang's Australian campaign. The stolen data included financial records, customer information, internal email communications, and proprietary business information. Sample documents posted by the attackers included ANZ payment forms, life insurance statements of senior employees, and a list of nearly 100 employees with personal details including phone numbers, home addresses, email addresses, and dates of birth.

Impact on Individuals

The massive data breach exposed extensive personal information of approximately 100 employees, including sensitive details such as:

  • Home addresses
  • Phone numbers and email addresses
  • Dates of birth
  • Financial information including insurance statements
  • Business banking details

Affected employees should:

  • Monitor credit reports for unauthorized activity
  • Place a ban on credit files
  • Be extremely vigilant for targeted phishing and social engineering attempts
  • Watch for identity theft using the combination of exposed personal details
  • Review and secure personal banking and insurance accounts

Organisational Response

Kempe Engineering works across multiple sectors including recycling, oil and gas, power generation, and rail engineering. The company has offices across Australia and China, with between 201 and 500 employees according to its LinkedIn page. The company did not publicly respond to requests for comment about the ransomware gang's claims. The 4TB data breach represents the largest single attack in RansomHub's August 2024 campaign targeting Australian engineering firms.

Verification Source: View original statement