Mackay Sugar hit by The Gentlemen ransomware, operations disrupted
Australia's second-largest sugar producer, Mackay Sugar, was targeted in a ransomware attack by The Gentlemen group, disrupting operations at its mills. The ransomware group claimed responsibility and listed Mackay Sugar on its dark web leak site on June 15, 2026.
Signal context
First seen: Jun 15, 2026
Last updated: Jun 25, 2026
Status: Public signal
Key points
- Ransomware attack by "The Gentlemen" group (also known as Storm-2697).
- Disrupted operations at Farley and Racecourse Mills.
- Gentlemen ransomware group claimed responsibility on June 15, 2026.
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: 🇦🇺 Australia
inferred from company domain
Watch ransomware, endpoint compromise and business interruption exposure.
- Source type: outside the affected organization
Impact area: Availability
- 1 signal in the same sector
- 15 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Ransomware Attack Shuts Down Mills of Australia's Second-Largest Sugar Producer - SecurityWeekhttps://www.securityweek.com/ransomware-attack-shuts-down-mills-of-australias-second-largest-sugar-producer/Public source from securityweek.com.
Ransomware attack halts operations at Australia's second-largest sugar producer - teisshttps://www.teiss.co.uk/ransomware-attack-halts-operations-at-australias-second-largest-sugar-producer/Public source from teiss.co.uk.
Related signals
Grouped by why the signal is relevant.
Tata Electronics Cyberattack: Alleged Leak of Apple and Tesla Business Secrets by Worldleaks
Tata Electronics, an Indian manufacturing subsidiary of the Tata Group, was identified as a victim on the Worldleaks ransomware leak site on June 10, 2026. Data related to Apple and Tesla, including alleged technical drawings for Apple's iPhone 17 and Tesla's Model 3 'Highland' project, reportedly appeared on cybercriminal channels on the same day. Tata Electronics acknowledged a recent 'cybersecurity incident' and is conducting an extensive analysis to assess the impact and verify the authenticity of the leaked documents.
Fluke Corporation Discloses Data Breach Affecting 18,000 Individuals; Clop Ransomware Claims Responsibility
Fluke Corporation notified over 18,000 individuals of a data breach that originally occurred in August 2025. The breach, which reportedly lasted two months, compromised highly sensitive personal information including Social Security Numbers (SSNs), birth dates, and self-identified disability status. The incident was attributed to an exploited vulnerability in a third-party application used by the company. The Clop ransomware group claimed responsibility for the breach, listing Fluke Corporation on its dark web leak site.
Sysco Targeted by Qilin Ransomware Group with May 12, 2026, Data Leak Deadline
The Qilin ransomware group claimed responsibility for a cyberattack against Sysco, the world's largest food distributor, and listed the company on its dark web leak site. The group set a May 12, 2026, deadline for undisclosed ransom negotiations and published screenshots of alleged internal documents and company data as proof of access. Qilin threatened to release additional information if its demands were not met. At the time of reporting on May 12, Sysco had not publicly confirmed a breach or disclosed any operational impact.
Reynella East College Data Dumped Online by Interlock Ransomware Group
Reynella East College, an Australian school, had over 600 gigabytes of its data dumped online by the Interlock ransomware group on June 23, 2026. The threat actor claimed to have extracted over 473,000 files across more than 68,000 folders. The school had initially notified parents of a system-wide breach two weeks prior.
INC Ransom group leaks Sandhills Medical Foundation patient data
The INC Ransom ransomware group leaked stolen data belonging to Sandhills Medical Foundation patients on June 15, 2026. The breach, which originated from a ransomware attack discovered in May 2025, affected approximately 169,000 individuals, exposing sensitive personal and health information.
NAIC discloses data breach affecting PeopleSoft systems
The National Association of Insurance Commissioners (NAIC) discovered unauthorized access to its PeopleSoft systems on or about June 11, 2026. The incident was identified as a ransomware attack, with the ShinyHunters threat actor group claiming responsibility and alleging the theft of 3.1 terabytes of data, including regulatory filings, statistical reports, insurer financial statements, and rating agency files. The NAIC promptly activated incident response procedures, engaged cybersecurity experts, and is coordinating with law enforcement.