An Australian hospitality company has confirmed that it suffered a cyber incident, following claims by a notorious hacking group that they launched an attack on the company’s network, exfiltrating data.
Seagrass Boutique Hospitality Group is a Rhodes, NSW-based hospitality organisation behind a number of major restaurants, brands and experiences, including The Meat & Wine Co, Hunter Barrel, and more.
The Kairos ransomware gang claimed the cyber attack on the hospitality group on 12 February. Cyber Daily has been unable to access the threat actors’ dark web leak site.
You’re out of free articles for this month
To continue reading the rest of this article, please log in.
Keep me signed in on this device.
If you check this box before you log in, you won’t have to log back into the website next time you return, even if you close your browser and come back later.
If you check the box above before you log in, you won’t have to log back into the website next time you return, even if you close your browser and come back later.
JavaScript is required for CAPTCHA verification to submit this form.
Create free account to get unlimited news articles and more!
First Name
Last Name
Mobile
Organisation Type
By becoming a member, I agree to receive information and promotional messages from Cyber Daily.
I can opt out of these communications at any time.
For more information, please visit our
Privacy Statement.
Need help signing up? Visit the
Help Centre.
However, Seagrass has confirmed the cyber incident in a statement on its website.
“On 12 February, we identified a cyber security incident involving unauthorised access to part of our IT network,” the company said.
“We immediately activated our incident response, and with the assistance of external cyber security experts, we have isolated the affected system.
“An investigation into what data may have been impacted is underway. We will provide more information as the investigation continues.”
When contacted by Cyber Daily, Seagrass declined to give additional commentary about the incident.
According to threat intelligence firm CYJAX, Kairos is active on several Russian-language hacking forums and does not appear to be linked to other hacking groups.
The group provides some information on its operations on its leak site, however. According to Kairos, victims are initially given seven days to respond to its demands, and once that deadline is passed, the gang publishes its initial leak post.
“If no agreement is reached within seven days, we will publish the fact of the data compromise on our website,” Kairos said.
“If the situation remains unresolved after seven days, we will notify your partners, competitors, and customers and then publish your data in full. This could lead to legal actions, termination of contracts, reputational damage, stock value drops, and potential closure of your organisation.”
Kairos was first observed in November 2024, and the gang has claimed at least 70 victims since then. Its most recent Australian victim was Melbourne-based Heidelberg Golf Club, from which it claimed to have stolen 24.6 gigabytes of data.
Daniel Croft
Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
