McDowall Affleck

Summary

McDowall Affleck, a Perth-based engineering firm, confirmed it was hit by a RansomHub ransomware attack that resulted in the theft of nearly 500 gigabytes of data. The attack occurred on 24 July 2024, with the company's network encrypted and confidential data exfiltrated. RansomHub publicly announced the attack on 1 August 2024.

What Happened

On 24 July 2024, RansomHub affiliates breached McDowall Affleck's systems, encrypted the company's network, and exfiltrated approximately 470GB of sensitive data. The stolen information included critical documents, insurance records, tender and contract details, and personal information of both employees and clients. Upon detection, McDowall Affleck immediately took steps to secure their systems and engaged forensic experts to investigate the incident.

Impact on Individuals

The breach exposed employee and client personal information, as well as sensitive business data including tender documents and contracts. Affected individuals should:

• Monitor for targeted phishing attempts using stolen information
• Be alert for business email compromise scams
• Watch for suspicious activity if business or financial information was compromised
• Be cautious of scammers impersonating the company or its clients

The exposure of tender and contract information could also impact the company's competitive position and client relationships.

Organisational Response

McDowall Affleck confirmed the cyber incident and stated: "As soon as we detected the incident, we took steps to secure our system. We also engaged forensic experts to investigate what [had] happened. Our system is secure and operational." Established in 1978, McDowall Affleck specializes in civil, structural, and mechanical engineering with a global client base including Lendlease, Hitachi, and state government agency DevelopmentWA. This attack was part of RansomHub's broader campaign targeting Australian engineering firms during July-August 2024.