Back to Blog
high severity October 22, 2025 · scope unconfirmed

ozsoft.com.au Listed by lynx Ransomware Group

OzSoft Solutions Pty Ltd is a company that operates in the Custom Software & IT Services industry. It employs 20to49 people and has 1Mto5M of revenue. The company is headquartered in Launceston, Tasmania, Australia

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed October 22, 2025
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On October 22, 2025, Australian company OzSoft Solutions appeared on the leak site of the lynx ransomware group. The firm, which provides custom software and IT services from Launceston, Tasmania, had internal files exfiltrated during a ransomware attack. While the exact number of people whose information was exposed remains unknown, anyone whose personal or financial details were stored in OzSoft’s systems could now be at risk.

Confirmed Facts from Public Reporting

Public reporting indicates that lynx listed OzSoft on its dark-web leak portal after the company apparently did not meet the group’s demands. The data consists of internal files exfiltrated rather than a simple database dump. OzSoft Solutions Pty Ltd employs between 20 and 49 people and generates annual revenue between 1M and 5M Australian dollars. No customer list or precise volume of records has been publicly detailed, but the nature of an IT services provider means client contracts, invoices, employee records, and project documentation were likely among the stolen material.

Why This Matters for You and Your Family

When a company that builds or manages software for other organisations is breached, the ripple effects reach ordinary customers. If you or your family have ever used services powered by OzSoft, paid them directly, or had your information stored in systems they developed, your data may now sit on a criminal forum. Names, addresses, phone numbers, email accounts, and financial details are the usual ingredients attackers need to open accounts in your name, file fraudulent tax returns, or sell your information to other criminals. For families this can mean sudden loan applications in a teenager’s name or unexpected bills arriving at your doorstep months later.

The Doxxing and Identity-Chain Implications

Ransomware leaks rarely stop at one company. Stolen internal files often contain spreadsheets that link customer emails to phone numbers, home addresses, and sometimes dates of birth. These fragments become the starting point for doxxing chains. Once criminals connect an email from the OzSoft leak to a reused password on a gaming platform or social account, they can hijack those services and extract even more personal information. Credential leaks like this one cascade into account takeovers, turning a single breach into a trail that can expose your entire digital life and that of your children.

Lynx Ransomware Group’s Known Track Record

Public reporting attributes the attacks to a group operating under the name lynx. The gang emerged in recent years and has targeted organisations across multiple countries with a classic ransomware playbook: gain initial access, exfiltrate sensitive files, encrypt systems, then threaten to publish the data unless a ransom is paid. Notable prior victims include other small-to-medium businesses whose internal documents were later posted on the same leak site. Their typical approach combines automated tools for entry with manual data theft, followed by extortion demands that escalate if payment deadlines are missed.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup to remove what you can.
  • Rotate any password you used at OzSoft or any related service, and switch on two-factor authentication through an authenticator app rather than SMS.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak that touches your family is caught in hours, not months.
  • Cover the household with DoxxScan family coverage that extends to dependents and children’s gaming accounts, which often become the next link in doxxing chains after credential leaks like this one.
  • Let remediation specialists handle takedown requests across data brokers and suspicious sites while you focus on securing your own accounts.

The OzSoft incident is a reminder that even small service providers can become gateways to your personal information. Taking concrete steps now limits how far attackers can travel down the identity chain. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Start your DoxxScan trial today to close the gaps this breach has opened.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.