Meow Ransomware Hits All Parks Insurance, Steals 90GB of Data

Incident Date: August 26, 2024

Overview

Victim: All Parks Insurance

Attacker: Meow

Location: Wyong, Australia

First Reported: August 26, 2024

Meow Ransomware Group Targets All Parks Insurance in Devastating Cyber Attack

All Parks Insurance, a specialized underwriting agency based in Australia, has become the latest victim of a ransomware attack orchestrated by the notorious Meow ransomware group. The attack has resulted in the exfiltration of 90 gigabytes of sensitive data, including employee information, client details, and financial records.

About All Parks Insurance

Established in May 2011, All Parks Insurance focuses on providing tailored insurance solutions for caravan parks, camping grounds, holiday villages, and home estates across Australia. The company, founded by Julie Pernecker, stands out in the industry due to its comprehensive and custom-designed insurance policies that address the unique risks faced by operators in these sectors. Its offerings include coverage for accidental damage, malicious damage, catastrophe escalation costs, and seasonal variations in risk.

Details of the Ransomware Attack

The Meow ransomware group has listed All Parks Insurance on their dark web leak site, claiming to have stolen 90 gigabytes of data. The compromised information includes employee data, client information, scanned payment documents, and personal details such as dates of birth and driver’s license scans. Financial records and policy details for several clients were also exfiltrated. To substantiate their claims, Meow has shared several documents, including commission prepayment details for numerous caravan parks, Greenslip policy documents, and tax file number declarations.

Rather than issuing a ransom demand, the Meow group is selling the stolen data outright. They are offering the data for US$20,000 to a single buyer or US$10,000 to multiple buyers, with transactions facilitated through encrypted communication platforms like Telegram, Jabber, Tox, or Matrix.

About the Meow Ransomware Group

Meow Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group resurfaced in late 2023 and has been highly active since then. They primarily target industries with sensitive data, such as healthcare and medical research, and have been known to post victim data on their leak site if the ransom is not paid. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms.

Potential Vulnerabilities

All Parks Insurance, like many companies in the insurance sector, handles a significant amount of sensitive data, making it an attractive target for ransomware groups. The company's reliance on digital records and the potential for vulnerabilities in its cybersecurity infrastructure could have facilitated the Meow group's penetration of its systems. The attack underscores the critical need for advanced cybersecurity measures in the insurance and tourism sectors.
