Aoyuan Healthy Life Group

Aoyuan Healthy Life Group, also known as Aoyuan Group, Aoyuan Holdings, or China Aoyuan Group, is a subsidiary of China Aoyuan Group with its headquarters located in China. The organization maintains operational presence across Hong Kong, Australia, and Canada, positioning it as a multinational entity under the umbrella of its parent company. Its corporate structure is defined by this subsidiary relationship, which situates it within a larger conglomerate based in mainland China. The specific nature of its core products or services is not detailed in available public records, and its market positioning or specializations remain unspecified. The organization is identified by multiple aliases, reflecting potential branding or structural complexities within the corporate group. Its footprint spans three distinct international regions, indicating a diversified operational reach beyond its Chinese headquarters. The parent company, China Aoyuan Group, serves as the overarching entity, though the subsidiary's precise role or contribution to the group's portfolio is not elaborated. No quantitative data regarding employee count, revenue, or asset size is provided in the source material. The organization's regulatory engagements or sector-specific competencies are not documented in the available information. Its business activities and clientele remain undefined outside of the noted geographic operations.

In September 2022, the organization experienced a confirmed ransomware incident attributed to the PT_Moisha group. The attackers claimed to have exfiltrated 200 gigabytes of documents from the company's systems, supporting their assertion with a 200-megabyte sample of the stolen data. PT_Moisha described itself as an established threat actor, despite being newly identified in cybersecurity reports at the time. The breach impacted the data security of the publicly listed company, though available summaries did not specify the extent of operational disruptions or detail any ransom demands. This event represents a documented cybersecurity compromise affecting the subsidiary's digital assets. The incident did not include public disclosure of financial losses or long-term reputational consequences in the referenced report. No information is provided regarding the organization's response, data recovery efforts, or negotiations with the attackers. The ransomware attack highlights the vulnerability of multinational subsidiaries to cyber extortion groups. The attackers' provision of a data sample served as evidence of their claimed access, though independent verification of the full exfiltration was not presented. The incident stands as a notable point in the organization's recent history, illustrating the persistent risk of ransomware to corporate entities with international operations. Subsequent security enhancements or legal actions by the organization are not recorded in the available source material.