Exclusive: Aussie Owner of Strike Bowling and Other Venues Confirms Ransomware Attack
In a concerning development for the Australian entertainment sector, Funlab, the parent company of popular venues like Strike Bowling, has confirmed that it has fallen victim to a ransomware attack. The incident, which has raised alarms about data security, was first reported by the Lynx ransomware gang, which listed Funlab on its leak site, indicating a successful breach.
The Incident Unfolds
The cyber-attack reportedly took place over the weekend of September 20-22, 2023. Funlab confirmed the incident to Cyber Daily, stating that it is currently investigating the cyber-security breach that affected some of its IT systems. A spokesperson for the company reassured stakeholders that all operations were restored to normal within 48 hours of the attack. The company has also engaged with appropriate regulatory authorities to address the situation.
Data Compromised
While Funlab has stated that no guest data appears to have been impacted, the breach has compromised some employee information. The company indicated that the affected data pertains to a limited number of current and former employees, with the total in the low double digits. Notably, some of this information is considered redundant due to its expiry dates.
The ransomware gang, Lynx, has not disclosed the amount of data exfiltrated or any ransom demands. However, they have shared several screenshots and documents as evidence of the successful hack. The leaked data appears to have been stored on a Network Attached Storage (NAS) device, with folders labeled "Payroll," "Finance," and "Gsuite Backup," among others. This includes sensitive documents such as budget spreadsheets and internal communications.
Funlab’s Response
In light of the attack, Funlab has proactively reached out to any employees, past or present, who may have had their data accessed. The company is providing appropriate assistance to those affected, demonstrating a commitment to transparency and support during this challenging time.
Funlab, known for creating competitive socializing experiences, operates 40 locations across Australia, New Zealand, and the United States. Its portfolio includes well-known brands such as Strike Bowling, Holey Moley mini-golf bars, and Archie Brothers. With over 2,000 employees, the company was recently acquired by private equity firm TPG Capital, adding another layer of scrutiny to its operational integrity.
The Lynx Ransomware Gang
Lynx, which emerged in July 2024, is believed to be a rebranding of the INC Ransomware operation. This group is notorious for employing double extortion tactics, which involve both encrypting data on a victim’s network and exfiltrating it to threaten its release unless a ransom is paid. According to their leak site, Lynx claims to be motivated by financial incentives while asserting a policy against targeting governmental institutions, hospitals, or non-profit organizations, citing ethical considerations in their operations.
Despite this purported ethical stance, the reality of being a victim of such an attack is undoubtedly distressing for Funlab and its employees. The gang’s most recent victim in Australia was Myelec Electrical Wholesalers, highlighting the growing trend of ransomware attacks targeting businesses across various sectors.
Conclusion
The ransomware attack on Funlab serves as a stark reminder of the vulnerabilities that organizations face in an increasingly digital world. While the company has managed to mitigate immediate operational disruptions and has taken steps to protect its employees, the incident underscores the importance of robust cybersecurity measures. As cyber threats continue to evolve, businesses must remain vigilant and proactive in safeguarding their data and maintaining the trust of their customers and employees alike.
As Funlab navigates the aftermath of this attack, the entertainment industry and other sectors will undoubtedly be watching closely, hoping to learn from this incident to bolster their own defenses against potential cyber threats.