Skeggs Goldstien

Summary

Skeggs Goldstien, a New South Wales-based financial services firm, confirmed a cyber security incident in June 2025 after being listed on the Qilin ransomware gang's darknet leak site. The firm, which operates offices in Chatswood and Bella Vista offering tax, accounting, wealth management, and estate planning services, immediately commenced a comprehensive investigation with cyber security experts.

What Happened

In June 2025, the Qilin ransomware gang listed Skeggs Goldstien on its darknet leak site, threatening to publish the full dataset on 24 June 2025. Qilin, likely based in eastern Europe with members conversing in Russian on hacking forums, was first observed in August 2022 and had claimed 525 victims by June 2025, making it the third-most active ransomware group globally. The attack targeted the financial services firm's business and client data.

Impact on Individuals

The breach potentially affects clients of Skeggs Goldstien who use the firm's tax and accounting services, wealth management, business advisory, and estate and retirement planning services. The specific nature and extent of compromised client information has not been publicly disclosed.

Organisational Response

Skeggs Goldstien confirmed the incident and engaged cyber security experts to conduct a comprehensive investigation. The firm notified the Office of the Australian Information Commissioner (OAIC) and the Australian Cyber Security Centre (ACSC), and communicated directly with affected clients. The investigation remained ongoing as of the disclosure date.