On 19 June 2026, a ransomware group calling itself Aurora added ALS Global to its dark web leak site, claiming it had stolen data from the company and threatening to publish it. If you've never heard of ALS, you've almost certainly been touched by its work — and that's exactly why this one is worth paying attention to.
Who is ALS, and why does it matter here?
ALS Limited is an ASX-listed Australian company headquartered in Brisbane, founded back in 1863. It's one of the largest testing, inspection and certification businesses in the world, running laboratories across more than 65 countries — testing everything from drinking water and food to soil, pharmaceuticals and minerals.
You won't have an account with ALS the way you have one with your bank. But organisations that do hold your data — water utilities, food producers, government environmental programs, mining and resources companies — rely on ALS as a behind-the-scenes supplier. That's the part most people miss about modern data breaches: the company that gets hit is often not the one you handed your information to directly.
What's actually been claimed
Let's be precise, because precision matters. At this stage, this is a claim by a threat actor, not a confirmed breach:
- Aurora has listed ALS on its leak site and says it exfiltrated corporate and personal data.
- Reporting on the listing references employee information, internal business documents, and proprietary research data, with some accounts mentioning employee credentials and identity documents.
- As far as we can see, no sample data has been published, and ALS has not publicly confirmed an incident.
Ransomware groups post listings like this to apply pressure and force a company to the negotiating table. Sometimes the claim is exactly as described. Sometimes it's exaggerated, recycled from an older breach, or simply false. The honest answer today is: we don't yet know the full scope. We'll update this post as verified information emerges.
Why "I'm not an ALS customer" isn't the right question
The more useful question is: could an organisation I deal with be one of ALS's clients? For a business this large and this embedded in essential services, the answer for a lot of Australians is "quite possibly."
This is the supply-chain reality of breaches in 2026. Your data can be exposed through a company you've never directly interacted with, because the organisations you trust pass data down a chain of suppliers to get their work done. You can't control that chain. What you can control is how exposed you are when a link in it breaks.
What to actually do
You don't need to panic, and you don't need to do anything dramatic. A few sensible, durable habits cover you regardless of how the ALS situation plays out:
- Treat unexpected "ALS" or testing-related emails with suspicion. A high-profile listing like this often draws opportunistic phishing that name-drops the breach. Don't click links in unsolicited messages — go to the source directly.
- Turn on multi-factor authentication anywhere you haven't already, especially email and banking. If credentials are floating around, MFA is what stops them being useful.
- Use unique passwords. A password manager makes this painless. The damage from any single breach stays contained to one account.
- Watch for the unusual. Logins you don't recognise, password-reset emails you didn't request, statements that don't look right.
How we see it
Breaches like this are a reminder that your personal information lives in far more places than you'll ever have a login for. That's not a reason for fear — it's a reason to build a few good habits once and let them protect you everywhere.
At SelfCybr, that's the whole point: helping individuals and families in Australia understand their exposure in plain language, monitor for it, and know what to do when something surfaces. No jargon, no scare tactics — just the practical steps that actually move the needle.
This post reflects information available as of 22 June 2026 and concerns an unverified threat-actor claim. We'll update it as the situation develops.
