Vili's Family Bakery
Summary
Vili's Family Bakery, the iconic South Australian bakery, was hit by a Black Basta ransomware attack on 15 February 2024. Hackers gained unauthorized access to the company's digital systems, including ordering and invoicing systems and email accounts. The Black Basta group claimed to have exfiltrated approximately 350 gigabytes of data including employee information, financial data, and incident reports.
What Happened
On 15 February 2024, Black Basta ransomware affiliates breached Vili's IT systems, compromising emails, ordering capabilities, and invoicing systems. The gang later listed Vili's on their dark web leak site, claiming to have stolen 350GB of data including employee folders and files, personal documents, financial information, and incident reports. Despite the digital disruption, the attack did not shut down production operations at the bakery.
Impact on Individuals
The breach exposed employee and business data including:
- Employee information and personal documents
- Financial data
- Email correspondence
- Supplier and customer information
Affected employees, suppliers, and customers should:
- Monitor for phishing emails exploiting stolen business relationships
- Be alert for targeted scams using knowledge of Vili's operations
- Watch for business email compromise attempts
- Be cautious of communications claiming to be from Vili's
Organisational Response
Vili's spokesperson confirmed the company experienced a cyber incident on 15 February affecting IT systems, particularly emails and ordering/invoicing capabilities. The company engaged their IT provider and cyber security specialists to investigate the extent of the incident. Vili's Family Bakery is a well-known South Australian institution, and the company worked to maintain production despite the IT system disruption.