ALS Global

Attack Summary

[certification, inspection] ALS Limited (ASX:ALQ) — a global testing, inspection, and certification company with AUD 3.19B revenue, 20,500+ employees, and operations in 65+ countries — identified unauthorised access to its IT systems. ~400–500 employee home directories — personal documents, cached credentials, email settings, family photos, personal finance files for employees from Australia to Peru to Sweden to Romania. The company's 1Password team vault emergency recovery kit — a single 45 KB PDF that enables total recovery of every shared credential in ALS's enterprise password vault. 291 plaintext password files including administrator credentials, FTP passwords, portal passwords, and the document control system master password. 1,018 passport and identity document scans — Swedish passports, Mexican passports, Australian passports — each one a 10-year identity-theft enabler. 601 bank account detail files including IBAN, SWIFT routing codes, BSB numbers, and sort codes for employees across 15+ countries, plus Russian-language SWIFT salary payment files. 1,986 salary, payroll, and compensation files — named individuals, exact amounts, pay scales, negotiation records across AU, US, EU, UK, CA, BR, SE, RO. 453 medical, drug test, and workplace injury records — GDPR Art. 9 special category data. 57 complete Outlook email archives (PST files) — years of correspondence, attachments, privileged communications. 7,327 client laboratory results — mining assay data, certificates of analysis, and geochemistry results held under NDA. 20 GB of proprietary analytical method development — ALS's core competitive IP: PFAS, dioxin, acrylamide, glyphosate LC-MS/GC-MS method packages representing years and millions of AUD in R&D. For a TIC company, analytical methods are the product. 7.2 GB of Internal Research reports — 68+ formal research reports (IR153–IR287+) spanning 15 years, including IsaMill grinding R&D, GlyLeach joint-venture process IP (with mutual NDA), flotation, mineralogy, and QEMSCAN data. The FY2025–2026 innovation roadmap — "ALS Environmental Innovation — Priority projects for 2024-25" (10 MB PPTX) and Nordic Innovation Business Plans revealing which methods ALS plans to develop and which markets it plans to enter. 3.7 GB of Cryptosporidium water-testing methods (WA_Crypto) — UKAS-accredited, DWI-regulated detection methods where few UK labs hold accreditation. QuickBooks live bookkeeping, AR aging reports, and stock sale records — taken 12 days before FY26 results announcement. 111 PKI certificates with private keys — corporate WiFi, TLS server certs, personal signing certificates. A compiled Chrome password extraction tool with source code — credential harvesting infrastructure resident on ALS systems.