This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

IKAD Engineering

Summary

IKAD Engineering, an Australian engineering firm and defence industry supply chain contractor, confirmed a cyber incident in November 2025 after the J Group ransomware gang claimed to have exfiltrated 800 gigabytes of data following a five-month network compromise. The attackers exploited a vulnerability in an older VPN appliance and allegedly obtained files relating to major defence projects including BAE Systems' Hunter Class Frigate Program, Collins class submarines, and Damen Shipbuilders tender responses, along with staff passport scans and client communications.

What Happened

The J Group ransomware gang, which first appeared in February 2025, claimed to have breached IKAD Engineering's network earlier in 2025 by exploiting a known vulnerability in an older VPN appliance. The threat actors allegedly maintained access to the network for five months before exfiltrating approximately 800 gigabytes of data. IKAD Engineering confirmed that some non-sensitive data relating to contracts and internal information had been exfiltrated. The stolen data allegedly included personal staff information such as passport scans, client communications and contacts from major defence contractors and agencies, and files pertaining to specific major defence projects.

Impact on Individuals

The breach exposed personal information of IKAD Engineering staff, including passport scans. The incident raised significant national security concerns due to IKAD's role as a defence industry supply chain contractor. Files allegedly compromised related to major Australian defence projects including BAE Systems' Hunter Class Frigate Program, the Australian Submarine Corporation's Collins class submarines, and Damen Shipbuilders tender responses. However, the Australian Submarine Corporation stated that IKAD Engineering was not a supplier to ASC and had never been provided with technical or sensitive data from them.

Organisational Response

IKAD Engineering confirmed awareness of the incident and acknowledged that some non-sensitive data relating to contracts and internal information had been exfiltrated. The company worked closely with multiple law enforcement and security agencies including the Australian Cyber Security Centre (ACSC), National Office of Cyber Security (NOCS), Western Australia Police Force, Australian Federal Police (AFP), Office of the Australian Information Commissioner (OAIC), and Defence Industry Security Program (DISP). BAE Systems Australia acknowledged being aware of the incident and stated they were taking necessary steps to protect their operations whilst working with the supplier and relevant authorities.

Verification Source: View original statement