Aussie fluid power investigates data breach linked to ransomware group

Australian hydraulics and processing company Aussie Fluid Power (AFP) has confirmed it is investigating a cybersecurity breach after the Anubis ransomware group claimed responsibility for an attack on its systems and published stolen data on the dark web.

 

In a statement to CyberDaily, AFP said a “limited number” of IT systems were accessed without authorisation. The company is working with external forensic specialists to assess the full scope of the incident and determine whether sensitive employee, customer, or supplier data was compromised.

 

“While our investigation remains ongoing, early findings suggest certain business information may have been accessed,” the company said, noting that it has notified the Australian Cyber Security Centre (ACSC) and relevant authorities. AFP added that additional security measures and system monitoring have been implemented to prevent further breaches.

 

The Anubis group, which operates as a ransomware-as-a-service (RaaS) operation, claimed on its leak site to have obtained accounting files, contracts, and confidential company documents. The hackers alleged that they have contacted regulatory bodies and are offering “exclusive access” to the stolen information a common tactic used to pressure victims into ransom payments.

 

AFP said it has informed its partners and customers about the situation but emphasised there is no evidence at this stage that systems critical to operations have been affected. “We are treating this matter with utmost seriousness and will continue to provide updates as more information becomes available,” the company stated.

 

The incident adds to a growing list of Australian firms targeted by ransomware actors in recent months, highlighting persistent vulnerabilities in industrial and mid-sized enterprises that form part of the country’s critical supply chain.