[BreachExchange] Spotless hit by ransomware attack

[Destry Winant]

https://www.itnews.com.au/news/spotless-hit-by-ransomware-attack-554554

Exclusive: Confirms a 'number' of servers 'accessed'.

Spotless Group, the Downer-owned facilities services provider, is the
latest high-profile Australian company to fall victim to ransomware
attackers.

iTnews learned that the company had been attacked on Friday last week,
and a Downer spokesperson confirmed the infection.

“We are investigating suspicious activity involving unauthorised
access to a number of Spotless servers,” a spokesperson told iTnews.

“We have engaged experts and believe it is linked to ransomware.

“We have restricted access to a number of Spotless servers and have
notified the Australian Cyber Security Centre (ACSC).”

The spokesperson said that Spotless had “enacted business continuity
plans that allow us to continue the delivery of our services.”

It was unclear which of Spotless’ servers had been targeted by the
attackers, however its public-facing website remains online.

Spotless is an outsourced provider of services like asset maintenance
and management, cleaning, laundry, facilities management and physical
site security.

It is most visible in venues like exhibition centres and stadiums,
however it also touts “long standing relationships with the Australian
Government Department of Defence and the New Zealand Defence Force.”

Downer Group, which is ASX-listed, bought a controlling interest in
Spotless in mid-2017 before completing a takeover of the rest of the
company only last week.

Spotless joins other large Australian companies including Toll Group,
Lion, BlueScope and Regis Healthcare in being infected with ransomware
in 2020.