Netstar Australia is a technology company based in Melbourne that has spent over twenty years providing GPS telematics and fleet management solutions to a wide range of Australian industries. Their client base includes government agencies and operators of critical infrastructure, making them a central figure in the country’s logistical framework. Because of the nature of their work, the company handles vast amounts of real-time data regarding vehicle locations and driver behaviors.
The breach was discovered on December 17, 2025, and has been claimed by the Blackshrantac ransomware group, an actor that first emerged in September 2025. This specific incident is classified as a data extortion attack, which differs from traditional ransomware because the primary threat is the public release of stolen sensitive information rather than the encryption of the company's internal systems. By threatening to leak data, the attackers aim to leverage the sensitive nature of the information to force a payment.
GET 50% Discount for VPN/ANTIVIRUS SOFTWARE AT 911Cyber - CODE: bit5025
Blackshrantac functions as a data broker and utilizes double extortion tactics to pressure its victims. Since it began operations, the group has been linked to more than 30 attacks worldwide, demonstrating a rapid and aggressive operational pace. While the total volume of data stolen from Netstar has not been officially confirmed, the company’s role involves managing intelligence that includes vehicle movements and operational logistics for its various clients.
The news of this attack was first reported by the cybersecurity intelligence firm HookPhish, which monitors the activities of various ransomware organizations. This incident places Netstar on an expanding list of international victims targeted by Blackshrantac across multiple sectors and geographic regions. The frequency of these strikes suggests that the group is intentionally seeking out organizations that hold high-value data to maximize their leverage during ransom negotiations.
This attack is particularly significant because it underscores a major security risk to the telematics and fleet management sector. When companies that track government and infrastructure assets are compromised, the breach moves beyond corporate loss and enters the realm of national security. Stolen GPS data can reveal the movement of sensitive convoys or critical supply chains, providing hostile actors with actionable intelligence on essential assets and creating vulnerabilities across the nation’s interconnected infrastructure.
Source: Baker University Says 2024 Data Breach Impacts 53,000 People