{
	"id": "8c27ebae-cf0c-427e-8fb7-c6a3912c41bf",
	"created_at": "2026-04-06T00:12:10.389742Z",
	"updated_at": "2026-04-10T03:24:29.13882Z",
	"deleted_at": null,
	"sha1_hash": "7e07d607a50f57c9ad5ca09f4302d77227e4b700",
	"title": "Tasmania officials: 16,000 student documents leaked by Clop ransomware group",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 74869,
	"plain_text": "Tasmania officials: 16,000 student documents leaked by Clop\r\nransomware group\r\nBy Jonathan Greig\r\nPublished: 2023-04-07 · Archived: 2026-04-05 22:01:04 UTC\r\nGovernment officials in Tasmania confirmed on Friday that more than 16,000 sensitive documents were leaked by\r\nthe Clop ransomware group following a data theft incident two weeks ago.\r\nDuring a press conference on Friday, Minister for Science and Technology Madeleine Ogilvie told reporters that\r\nthe information released includes financial invoices, statements and information relating to student assistance\r\napplications.\r\n“This may include names and addresses and this is an evolving situation. This data has been accessed through a\r\nthird party file transfer service, and as I have said previously there is no evidence that Tasmanian government IT\r\nsystems have been breached,” she said.\r\n“We are managing it as a serious incident response, and our response will continue to be proportionate to the risk.\r\nEmergency management arrangements have been activated. We fully understand how concerning this is for all\r\nTasmanians.”\r\nSeveral cybersecurity researchers confirmed that the Clop ransomware group released the documents on its leak\r\nsite. Ogilvie said that like most of Clop’s victims in this campaign, they were a user of Fortra’s GoAnywhere\r\nmanaged file transfer product.\r\nOn Wednesday, Ogilvie acknowledged that the investigation into the attack indicated that “financial data from the\r\nDepartment for Education, Children and Young People may have been accessed in the global incident.”\r\nNames, addresses, invoices and bank account numbers were involved in the breach. A spokesperson previously\r\ntold Recorded Future News that the government was investigating the breach after being added to Clop’s list of\r\nvictims on March 27.\r\nDozens of governments, businesses and schools — from the City of Toronto and the Virgin company to Hitachi —\r\nhave come forward to say data was stolen through the bug affecting GoAnywhere. Clop is the only confirmed\r\nhacking group that exploited the vulnerability, which is being tracked as CVE-2023-0669.\r\nIn February, Clop claimed it had attacked more than 130 organizations and it has slowly been adding names to its\r\nlist of victims since then.\r\nThe politics of ransomware\r\nThe theft from the island state off the coast of Australia has become a local political scandal, with the opposition\r\nparty assailing the government’s handling of the incident.\r\nhttps://therecord.media/tasmania-government-ransomware-clop-student-documents\r\nPage 1 of 3\n\nSeveral opposition officials said Ogilvie had refused to meet with them to explain the seriousness of the situation\r\nand had routinely downplayed the sensitivity of the information that was in the hands of hackers.\r\n“It is no surprise that we have the worst cyber security in the country given the cuts to funding made by the\r\nLiberal Government, starting in 2014. Tasmanians deserve to know exactly what is going on, and Tasmanians\r\ndeserve a Government that ensures their sensitive data is protected,” said Jen Butler, shadow minister for ICT,\r\nScience and Technology.\r\n“Instead, Madeleine Ogilvie failed to secure Tasmanians’ personal data and then spent a fortnight concealing the\r\ntruth about just how serious this data breach was. Her conduct has been unforgivable.”\r\nButler added that “potentially each primary school in Tasmania, every entity, every individual who's had anything\r\nto do with the Department of Education may be compromised, and that could put some people in a very dangerous\r\nsituation.”\r\nOgilvie shot back at the opposition, claiming they were “fearmongering” and peddling misinformation about her\r\nresponse to the scandal — disputing claims that she had downplayed the cyberattack.\r\n“At no point have I said there was no risk and no threat to Tasmanian’s data. … [T]he opposition spokeswoman,\r\nJen Butler, said the government shouldn’t negotiate with terrorists — what an inflammatory and irresponsible\r\ncomment,” Ogilvie said.\r\n“Ms Butler was also unable to provide any source for her specific claims. … She may think she is scoring a\r\npolitical point, but she is blatantly and willfully ignoring the fact she is causing harm and risks causing further\r\nharm.”\r\nOgilvie went on to admit that the 16,000 documents are only part of what was stolen and more are likely to be\r\nreleased. Clop spent four days in the government’s network until a patch was applied and the hackers were\r\nremoved from the system, she said during Friday’s news conference.\r\nThe government has set up a hotline for concerned parents to get more information.\r\nFortra, the company behind GoAnywhere, has faced backlash for its response to the fiasco. Several customers told\r\nTechCrunch last month that the company told them their data was safe when it was not.\r\nNo previous article\r\nNo new articles\r\nhttps://therecord.media/tasmania-government-ransomware-clop-student-documents\r\nPage 2 of 3\n\nJonathan Greig\r\nis a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since\r\n2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.\r\nHe previously covered cybersecurity at ZDNet and TechRepublic.\r\nSource: https://therecord.media/tasmania-government-ransomware-clop-student-documents\r\nhttps://therecord.media/tasmania-government-ransomware-clop-student-documents\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://therecord.media/tasmania-government-ransomware-clop-student-documents"
	],
	"report_names": [
		"tasmania-government-ransomware-clop-student-documents"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434330,
	"ts_updated_at": 1775791469,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7e07d607a50f57c9ad5ca09f4302d77227e4b700.pdf",
		"text": "https://archive.orkl.eu/7e07d607a50f57c9ad5ca09f4302d77227e4b700.txt",
		"img": "https://archive.orkl.eu/7e07d607a50f57c9ad5ca09f4302d77227e4b700.jpg"
	}
}