Meanwhile shares in the nation’s largest vehicle retailer, Eagers Automotive, remain in a trading halt while that company assesses the impact of its own cyber incident, which it said on Thursday was “currently impacting our IT systems in some operating locations across Australia and New Zealand’’.

Dandenong, Victoria-based Yakult posted a message to its website on December 23 advising that it also had been subject to a “cyber incident’’.

“Yakult Australia has notified the Australian Cyber Security Centre, the New Zealand National Cyber Security Centre, the Office of the Australian Information Commissioner and the Office of the Privacy Commissioner New Zealand,’’ the company said.

“Our investigations are ongoing. Further information will be provided as information becomes available.’’

A notification published by Dragonforce claims that 95.19GB of data was stolen, with screenshots showing copies of passports and spreadsheets purporting to be taken from the company.

According to technology website Cyberdaily, Dragonforce is a new entrant on the ransomware scene, having been active only since late November.

The group sets up a discrete website for each company it targets, setting out the data it claims to have breached, which is then leaked if a ransom is not paid.

Dragonforce has been active in recent weeks, with the Ohio Lottery reportedly having to shut down some systems after an attack just before Christmas, with the lottery’s website currently offline.

Liberty Hospital in Kansas City was also targeted this month following an earlier attack on the Heart of Texas Behavioral Health Network.

Yakult Australia director David Whatley said on Thursday that there was currently nothing the company could add to the statement which it has published on its website.

“We are working with cyber incident experts to investigate the extent of the incident,’’ the statement says.

“We are currently investigating which data and systems may have been impacted.’’

Eagers, which operates more than 300 dealerships across Australia, said it intended to update its shareholders on Friday regarding its incident, which it first alerted the share market to on Wednesday.

“External experts have been appointed to support our response and an urgent investigation is underway,’’ Eagers said in a statement.

“The security and privacy of our customer and employee data is our highest priority. The company apologises to our customers for any inconvenience.’’

The nature of the data involved in the Eagers incident has not been revealed.

A company spokesman said on Wednesday the company was, “investigating rapidly and, to this point, has not found any access to or misuse of customer or employee information’’.

“Maintaining the security and privacy of our customers’ data and our employees’ data is our highest priority and all efforts of the business are now focused on safely restoring our systems.

“At this stage, customers do not need to do anything but we ask them to remain vigilant of any suspicious activity.”

The recent cyber incidents follow the high profile attacks on Medibank and Optus last year - the latter of which resulted in the personal information of 9.8 million Australians being stolen, and both of which have resulted in class action lawsuits.

Australia’s corporate leaders recently reported that a cyber attack now represented the single biggest external threat to the running of their businesses and was the top issue that kept them awake at night.

Cyber was the overwhelming response to a question about what kept chief executives up at night as part of The Australian’s 2024 CEO Survey.

More Coverage

Industrial relations reforms threat to jobs: Kmart boss

Eli Greenblat

Mining promoter claims he’s now sitting on trillions

Cameron England

Originally published as Yakult Australia has been hit with a cyber attack with company and staff data claimed to be stolen