Alert status MEDIUM Background / What has happened? The ACSC is aware of multiple instances of Australian organisations that have been impacted by Conti ransomware in November and December 2021. This activity has happened across multiple sectors. Victims have received demands for ransom payments. In addition to the encryption of data and subsequent impact to organisations’ ability to operate as usual, victims have had data stolen during incidents published by the ransomware actors, including Personally Identifiable Information (PII). Mitigation / How do I stay secure? The ACSC has published information on the risks, impacts and preventative actions associated with ransomware via an advisory. Assistance / Where can I go for help? The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.