This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Legrand CRM

Summary

Legrand CRM Pty Ltd, a Sydney-based CRM provider, experienced a data theft incident claimed by the ransomware group Hunters International in June 2024. The company confirmed the breach involved approximately 7GB of data but clarified it was not a ransomware attack.

Attack Vector

Hunters International listed Legrand CRM on their dark web leak site with a discovery date of June 15, 2024. Unlike traditional ransomware attacks, this incident focused on data exfiltration rather than file encryption, consistent with Hunters International's operational model of using data theft for extortion rather than encryption.

Consumer Impact

CEO Alain Legrand estimated that approximately 7GB of data was transferred from systems containing nearly 2TB of total files. Some stolen files were found to belong to other businesses using Legrand CRM's services. The relatively small volume of exfiltrated data compared to total storage suggests a targeted data theft rather than comprehensive system compromise.

Response

Legrand CRM contacted the Australian Cyber Security Centre (ACSC) and the Victorian government Cyber Incident Response Service (CIRS) for assistance. The company emphasized that the incident was a data theft rather than a ransomware attack, distinguishing it from typical encryption-based attacks.

Verification Source: View original statement