Micon Office National

Summary

Micon Office National, a Wollongong-based office furniture supplier, was attacked by the Sarcoma ransomware gang on November 3, 2024. The attack resulted in a three-day business shutdown while IT systems were restored, with the company choosing not to pay the ransom.

Attack Vector

The Sarcoma ransomware gang breached Micon Office National's systems and exfiltrated 34 gigabytes of data, including files, SQL databases, and emails from an Exchange server. The gang threatened to publish the stolen data within 11 days if ransom demands were not met. Sarcoma uses a double-extortion strategy combining encryption with data theft.

Consumer Impact

Owner Mick Cuda stated that no client files were affected as these are managed by a Sydney software company. However, the breach forced a costly three-day shutdown for major IT systems restoration work. The 34GB of exfiltrated data included internal business records, databases, and email communications.

Response

Micon Office National became aware of the incident on November 4 and immediately informed their security software company, who passed information to law enforcement. Staff were informed of the incident. The company chose not to pay any ransom and instead invested in a costly IT systems reboot. The business closed for three days during recovery operations.