Daughterly Care Hit by Ransomware Attack from Rhysida Group

Incident Date: Sep 22, 2024

Attack Overview
Victim: Daughterly Care
Industry: Healthcare Services
Location: Australia
Attacker: Rhysida
First reported: September 22, 2024

Ransomware Attack on Daughterly Care by Rhysida

Daughterly Care, a leading provider of in-home aged care services based in Sydney, Australia, has recently fallen victim to a ransomware attack orchestrated by the notorious ransomware group Rhysida. The breach was discovered on September 23, 2024, and the extent of the data leak remains unknown at this time.

About Daughterly Care

Established in 1998, Daughterly Care Pty Ltd has built a strong reputation over its 26 years of operation, focusing on delivering high-quality care for the elderly. The company specializes in high care and dementia care, with over 82% of their services catering to clients with chronic conditions such as Parkinson’s disease, multiple sclerosis (MS), and motor neuron disease (MND). They employ around 42 individuals, including caregivers and management staff, and reported an annual revenue of approximately $50.6 million as of 2024.

Daughterly Care is an approved provider for Home Care Packages, which are government-subsidized programs designed to help seniors access necessary services. Their offerings include live-in care, 24-hour assistance, and various levels of home care packages funded by the Australian government. The organization is particularly noted for its expertise in high care and dementia care, providing personalized support tailored to the specific needs of each client.

Attack Overview

The ransomware attack on Daughterly Care was claimed by Rhysida via their dark web leak site. The breach was discovered on September 23, 2024, and the extent of the data leak remains unknown. Given the sensitive nature of the data handled by Daughterly Care, including personal and medical information of elderly clients, the impact of this breach could be significant.

About Rhysida

Rhysida is a Ransomware-as-a-Service (RaaS) group known for its aggressive affiliate model and double extortion tactics. The group encrypts victims' data and exfiltrates sensitive information to leverage ransom demands. Rhysida has filled the void left by the disruption of other high-profile ransomware groups and remains highly active, targeting high-value sectors such as healthcare, financial services, and government.

Penetration and Vulnerabilities

Rhysida is renowned for its speed and efficiency, often exploiting vulnerabilities in unpatched systems and using phishing campaigns to gain initial access. Once inside, the group conducts multi-phase attacks involving network reconnaissance, privilege escalation, and data exfiltration before encrypting files. Daughterly Care, with its extensive handling of sensitive data and reliance on digital systems for managing care packages and client information, presents a valuable target for such threat actors.
