Cyber Incident Victim: Aurecon
Date: Oct 2022
Location: Australia
Summary
Aurecon, an engineering firm, experienced a cyberattack resulting in operational disruptions, including the disabling of its online platforms. The incident caused unavoidable business interruptions, though the company did not disclose whether a ransom was demanded or provide specifics on ongoing impacts. An investigation was initiated to determine the extent of system compromise, with commitments to update stakeholders as new information emerged. The attack occurred amid broader cybersecurity threats targeting Australian organizations, though no details regarding data access or exfiltration were confirmed by the firm.
Description
The Aurecon cyber incident occurred in or around October 2022, affecting the Australian engineering firm, which has over 7,000 employees globally. The attack forced Aurecon to disable access to its online platforms as part of its immediate incident response, causing what the company described as "necessary but unavoidable disruption" to operations. Aurecon declined to specify whether ransomware actors had made contact or demanded payment, maintaining this position when approached for updates following the initial disclosure. The company's public statements emphasized an ongoing investigation to determine the extent of system compromise and potential data exposure, though no specifics regarding affected systems or data types were disclosed. Because Aurecon is a key contractor on Victoria's Suburban Rail Loop project, the incident raised concerns about project continuity, though Aurecon assured stakeholders it would maintain communication with clients and government agencies regarding developments.

The operational disruption persisted beyond the initial attack timeframe, with Aurecon continuing to assess impacts while withholding detailed updates about business continuity challenges. The company's response focused on containment through platform disconnections and forensic analysis, without publicly confirming evidence of data exfiltration or specifying remediation timelines. No customer or employee data breach notifications were issued during the period covered by available reports, leaving the scope of potential personal information exposure unverified. Aurecon maintained its commitment to stakeholder updates but provided no further technical details about attack vectors, threat actors, or recovery progress beyond acknowledging continued investigation efforts. The incident occurred amid heightened cybersecurity scrutiny in Australia following simultaneous attacks on Medibank and The Smith Family charity.
