Meli Non-Profit Hit by Qilin Ransomware: 215GB of Data Stolen
Qilin Ransomware Group Targets Meli (BCYF & Bethany) in Significant Cyber Attack
Meli, a prominent non-profit organization formed from the merger of Barwon Child, Youth & Family (BCYF) and Bethany Community Support, has recently fallen victim to a ransomware attack orchestrated by the Qilin group. This attack has raised significant concerns about the security of sensitive data within non-profit organizations.
About Meli
Meli operates in the Barwon region of Victoria, Australia, providing a comprehensive range of community support services. With a workforce of over 750 staff members, Meli is the largest provider of kindergarten programs in the region, operating 30 kindergartens. The organization also offers foster and kinship care, family services, youth services, disability services, and emergency relief and financial counseling. Meli's commitment to social justice, equality, and community support makes it a vital entity in the region.
Attack Overview
The Qilin ransomware group has claimed responsibility for the attack on Meli via their dark web leak site. The group alleges the theft of 419,617 files, amounting to 215 gigabytes of data, which includes financial statements, confidentiality agreements, and personal identification documents. Meli detected the breach and promptly initiated measures to secure its systems, engaging forensic specialists and cybersecurity advisors. While client services remain unaffected, some internal processes have been disrupted, necessitating a temporary shift to manual operations.
About the Qilin Ransomware Group
The Qilin ransomware group, also known as Agenda, is a sophisticated Ransomware-as-a-Service (RaaS) operation believed to be of Russian origin. The group first appeared in October 2022 and has since targeted various organizations, including healthcare providers, automotive companies, and government agencies. Qilin uses advanced tactics such as data exfiltration and double extortion to pressure victims into paying ransoms. The group is known for its adaptability and cross-platform capabilities, symbolized by its name derived from the mythical Chinese creature.
Potential Vulnerabilities
Non-profit organizations like Meli are often targeted by ransomware groups due to their extensive databases of sensitive information and potentially lower investment in cybersecurity measures compared to for-profit entities. The Qilin group could have penetrated Meli's systems through various means, including phishing attacks, exploiting unpatched vulnerabilities, or leveraging weak password policies. The attack on Meli underscores the importance of comprehensive cybersecurity measures, even for organizations dedicated to community support and social services.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!