RiskEvents
MonitoringMedium impactAI Refreshed

Cyber attack shuts down two Mackay Sugar mills in North Queensland

Occurred 10 Jun 2026·Detected 14 Jun 2026·
🇦🇺 Mackay, North Queensland, Australia4 reports
CyberPropertyEnergyCyberCasualty & Liability

A confirmed cyber attack has forced the shutdown of two sugar mills operated by Mackay Sugar in North Queensland, Australia, including the named Farleigh Mill, during the active harvest period. The operator has engaged external cybersecurity experts and local authorities to investigate and restore systems. Attack vector, data exfiltration status, shutdown duration, and financial loss remain undisclosed.

AI-generated from linked source reports. See our correction policy.

Impact verdict

Medium impact. Loss pathway is anchored on a named industrial operator (Mackay Sugar, described as Australia's second-largest sugar producer) with confirmed facility shutdown of two sugar mills from a cyber attack, supporting exposure under Cyber (first-party, potential extortion, potential third-party liability) and Property/BI (consequential business interruption at named processing assets during the harvest period). Severity is capped by available evidence: scope appears regional and limited to a single operator, with no indication of multi-peril or systemic impact and no designation as critical national infrastructure. Key drivers of quantum (attack type, exfiltration, shutdown duration, financial loss) remain undisclosed, so severity is held at a medium banding pending further reporting.

View assessment methodology

How we grade what we know -- Known · Reported · Uncertain. Methodology →

Intelligence ledger

Each line expands in place to its underlying sourced claim.

AI refreshed 18 Jun 2026, 06:43

Known22 lines

Cyber attack confirmed against Mackay Sugar
structured lineknown
No separate sourced-claim record is available for this line yet.
Two sugar mills shut down as a result
structured lineknown
No separate sourced-claim record is available for this line yet.
Incident occurred in North Queensland, Australia
structured lineknown
No separate sourced-claim record is available for this line yet.
The cyber incident and mill shutdowns occurred in North Queensland, Australia.
incident_location_north_queensland_aucontextvalid from 14 Jun 2026, 16:18Cyber
Market relevance: Confirms APAC regional exposure; relevant to Lloyd's APAC cyber and political risk accumulations.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Incident is located in North Queensland, Australia, with named facility Farleigh Mill in the Mackay region.
location_north_queensland_aucontextvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Geographic concentration risk; relevant to regional APAC cyber/BI portfolios
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Two sugar mills operated by Mackay Sugar in North Queensland were shut down as a result of the cyber attack.
two_mackay_sugar_mills_shut_downprimary lossvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Confirms physical operational impact at named processing assets, supporting cyber and BI loss pathways.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Two sugar mills operated by Mackay Sugar in North Queensland have been shut down as a result of the cyber attack, including the named Farleigh Mill.
two_mills_shut_downbusiness interruptionvalid from 15 Jun 2026, 06:28Property
Market relevance: Confirmed facility-level shutdown at named industrial processing assets
Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Two sugar mills operated by Mackay Sugar in North Queensland have been shut down as a result of the cyber attack, including the named Farleigh Mill.
two_sugar_mills_shut_downloss pathway identificationvalid from 14 Jun 2026, 16:18Cyber
Market relevance: Confirms physical/operational impact at named industrial processing assets; supports Cyber and Property/BI exposure assessment.
Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Farleigh Mill is named in coverage as one of the affected Mackay Sugar mills shut down by the cyber attack.
farleigh_mill_named_affected_facilitypotential lossProperty
Market relevance: Named industrial asset confirms first-party property/BI exposure at a specific location.
Farleigh Mill” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Two sugar mills operated by Mackay Sugar in North Queensland were shut down as a result of the cyber attack, including the named Farleigh Mill.
two_sugar_mills_shutdownloss pathwayvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Confirms operational impact on named processing assets, supporting first-party cyber and BI exposure assessment.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Two sugar mills operated by Mackay Sugar have been shut down as a result of the cyber incident, with Farleigh Mill specifically named.
two_mills_shutdown_farleigh_namedloss eventvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Consequential business interruption at two named industrial processing sites; relevant to cyber and property/BI cover.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Two of Mackay Sugar's mills were shut down as a result of the cyber attack; Farleigh Mill is named in coverage.
two_mills_shutdownloss pathwayvalid from 10 Jun 2026, 03:14Property BI
Market relevance: Business interruption exposure at named processing assets
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Mackay Sugar confirmed it was responding to a cyber security incident affecting parts of its operations.
mackay_sugar_cyber_attack_confirmedprimary lossvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Direct insured loss exposure for the named operator and class of business under cyber and BI covers.
Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Farleigh Mill is named in reporting as one of the affected Mackay Sugar facilities.
farleigh_mill_identified_as_affectedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Named-asset identification supports underwriting clarity on exposure location.
Farleigh Mill” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The incident affected sugar mills in North Queensland, Australia.
incident_location_north_queenslandcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Establishes geographic exposure boundary for regional underwriting assessment.
major Australian sugar producer” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
North Queensland sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Mackay Sugar confirmed a cybersecurity incident affecting parts of its operations and engaged external cybersecurity experts and local authorities to investigate and restore systems.
mackay_sugar_cyber_incident_confirmedfirst party loss potentialvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Cyber incident at named industrial operator with confirmed operational disruption
Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations and had engaged cybersecurity experts and local authorities to investigate the attack and restore its systems safely.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Mackay Sugar has engaged external cybersecurity experts and local authorities to investigate and restore systems.
external_cybersecurity_experts_engagedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Indicates standard incident response posture; relevant to coverage triggers and forensics costs.
had engaged cybersecurity experts and local authorities to investigate the attack and restore its systems safely” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Supersession history: 1 prior/revised claim rows.
Mackay Sugar has engaged external cybersecurity experts and local authorities to investigate the attack and restore systems safely.
external_response_engagedstatus updatevalid from 15 Jun 2026, 06:28Cyber
Market relevance: Standard incident response posture; supports assessment of remediation timeline and potential BI duration.
had engaged cybersecurity experts and local authorities to investigate the attack and restore its systems safely” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Event lifecycle is held at developing pending further reporting on attack vector, exfiltration, shutdown duration, and financial loss.
lifecycle_developingstatus updatevalid from 15 Jun 2026, 06:28Cyber
Market relevance: Lifecycle status guides monitoring intensity and alert cadence for market participants.
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Local authorities have been notified in connection with the incident response.
authorities_notifiedcontextCyber
Market relevance: Indicates regulatory and possible mandatory notification pathways are in play.
engaged cybersecurity experts and local authorities to investigate the attack” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Event lifecycle is 'developing' following corroboration threshold being met.
lifecycle_status_developingcontextCyber
Market relevance: Lifecycle framing for downstream alert and watchlist posture.
signal -> developing” — Source · 16 Jun 2026, 20:08
Supersession history: 1 prior/revised claim rows.
Mackay Sugar has engaged external cybersecurity experts and local authorities to investigate the attack and restore systems.
external_experts_and_authorities_engagedstatusvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Standard cyber incident response posture; notifiable in jurisdiction and relevant to regulatory cover.
had engaged cybersecurity experts and local authorities to investigate the attack and restore its systems safely” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Supersession history: 1 prior/revised claim rows.

Reported28 lines

Operational disruption to sugar milling/processing
structured linereported
No separate sourced-claim record is available for this line yet.
Mackay Sugar is described as Australia's second-largest sugar producer.
mackay_sugar_market_positioncontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Frames the relative significance of the operator within Australian sugar production for market context.
Australia's second-largest sugar producer” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Supersession history: 1 prior/revised claim rows.
Available evidence indicates the incident is regional and limited to a single operator, with no indication of multi-peril or systemic impact and no designation as critical national infrastructure.
no_indications_of_systemic_impactcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Caps severity for market-wide cyber accumulation scenarios.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The incident appears regional and limited to a single operator, with no indication of multi-peril or systemic impact, and no designation as critical national infrastructure.
scope_regional_single_operatorcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Single-operator scope caps potential systemic market impact
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
The cyber attack disrupted sugar mill operations during the active harvest period, heightening business interruption exposure for the operator and its supplying growers.
harvest_period_disruptionbusiness interruptionvalid from 15 Jun 2026, 06:28Property
Market relevance: Shutdown during peak operational window increases BI quantum potential
The attack disrupted sugar mill operations during the harvest period, creating potential business interruption and cyber liability exposures.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
The cyber attack and resulting mill shutdown occurred during the active sugar harvest period, amplifying potential business interruption exposure.
incident_during_harvest_periodseverity contextvalid from 15 Jun 2026, 06:28Property
Market relevance: Harvest-period timing elevates business interruption severity for a seasonal processing operation.
The attack disrupted sugar mill operations during the harvest period, creating potential business interruption and cyber liability exposures.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
No reporting indicates the affected facilities are designated as critical national infrastructure.
cni_designation_not_indicatedcontextCyber
Market relevance: Absence of CNI designation caps systemic/aggregated loss framing.
responding to a cybersecurity incident affecting parts of its operations” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Canegrowers Mackay is referenced as a stakeholder voice in reporting on the incident and its implications for canegrowers supplying the affected mills.
canegrowers_mackay_stakeholder_commentarycontextProperty
Market relevance: Indicates upstream supply chain (cane growers) exposure to mill disruption.
canegrowers mackay” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The cyber attack disrupted sugar mill operations during the active harvest period, amplifying potential business interruption exposure.
disruption_during_active_harvest_periodpotential lossProperty
Market relevance: BI severity is elevated when processing is interrupted during seasonal peak production.
The attack disrupted sugar mill operations during the harvest period” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
cyber security incident affecting operations” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Mackay Sugar is described as Australia's second-largest sugar producer.
operator_described_second_largest_sugar_producercontextCyber
Market relevance: Indicates insured profile and revenue scale of the affected operator.
Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Available reporting indicates the impact is limited to a single operator in the Mackay region, with no indication of multi-peril, cross-sector, or critical national infrastructure impact.
scope_regional_single_operator_no_systemic_signalcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Supports capping severity below systemic/cat tier; relevant to accumulation assessments.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Mackay Sugar is described as Australia's second-largest sugar producer.
mackay_sugar_australias_second_largest_sugar_producerexposure contextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Establishes the insured's market significance for severity context; supports mid-tier cyber/BI loss expectation, not systemic.
Australia's second-largest sugar producer said on Wednesday” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
The event illustrates ongoing ransomware and cyber extortion risks to industrial and agricultural processing infrastructure in Australia.
industrial_agricultural_infrastructure_risk_contextcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Sector-level risk framing relevant to cyber portfolio accumulation and exposure monitoring.
The event highlights ongoing ransomware and cyber extortion risks to industrial and agricultural infrastructure in the region.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Mackay Sugar is described as Australia's second-largest sugar producer, providing scale context for potential industry impact.
mackay_sugar_australias_second_largest_producercontextvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Establishes insured profile and relative market significance of the affected operator.
Australia's second-largest sugar producer” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Mackay Sugar is reported to source from approximately 300 mainly family owned farms, indicating a broader supplier ecosystem potentially exposed to disruption.
supplier_ecosystem_300_family_farmscontextvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Suggests potential third-party/liability and contingent BI considerations across the supplier ecosystem.
300, mainly family owned farms” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Mackay Sugar has framed its response around ensuring business continuity.
operator_business_continuity_framingcontextvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Signals operator focus on restoration; may inform expectations on BI indemnity period usage.
ensuring business continuity” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Reporting references approximately 300 mainly family-owned farms supplying Mackay Sugar, providing context for downstream cane supply exposure.
supplier_base_family_farmscontextvalid from 10 Jun 2026, 03:14Property BI
Market relevance: Sizing exposure to growers' potential contingent BI and cane supply disruption
300,mainly family owned farms” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Operator statement emphasises 'ensuring business continuity' as a stated priority during the incident response.
business_continuity_focuscontextvalid from 10 Jun 2026, 03:14Property BI
Market relevance: Indicates BI cover and operational resilience are central to response
ensuring business continuity” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The cyber attack disrupted sugar mill operations during the active harvest period, raising business interruption exposure.
disruption_during_harvest_periodprimary lossvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Harvest-period timing elevates potential BI quantum for insured losses.
disrupted sugar mill operations during the harvest period” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Supersession history: 1 prior/revised claim rows.
The cyber attack has disrupted sugar mill operations during the active harvest period, creating potential business interruption exposure.
business_interruption_during_harvest_periodloss eventvalid from 15 Jun 2026, 06:28Property
Market relevance: Harvest-period BI elevates severity; relevant to Property/BI and Cyber BI wordings.
The attack disrupted sugar mill operations during the harvest period, creating potential business interruption and cyber liability exposures” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
The cyber attack disrupted sugar mill operations during the active harvest period, with recovery activities ongoing and some disruption expected to continue.
operational_disruption_harvest_periodloss pathwayvalid from 10 Jun 2026, 03:14Property
Market relevance: Seasonal timing elevates potential business interruption quantum for named processing assets.
some disruption while recovery activities occur” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Operator acknowledged 'some disruption while recovery activities occur' across affected facilities.
operational_disruption_processingloss pathwayvalid from 10 Jun 2026, 03:14Property BI
Market relevance: Confirms active business interruption period and recovery underway
some disruption while recovery activities occur” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The incident creates potential business interruption and cyber liability exposures for industrial/agricultural processing assets.
cyber_bi_exposure_pathwayloss pathway identificationvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Establishes primary insured loss pathways under Cyber and Property/BI covers for an industrial processor.
The event highlights ongoing ransomware and cyber extortion risks to industrial and agricultural infrastructure in the region.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Potential impact is held at medium banding, capped by regional/single-operator scope and undisclosed quantum drivers.
severity_held_mediumseverity bandvalid from 16 Jun 2026, 20:08Cyber
Market relevance: Severity banding informs portfolio exposure triage and reserving considerations.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
The incident highlights cyber and BI exposure for industrial and agricultural processing operators, with potential business interruption and cyber liability pathways in play.
industrial_agricultural_processing_exposurerisk accumulationCyber
Market relevance: Reinforces cyber and BI risk accumulation concerns across industrial/agricultural processing.
The event highlights ongoing ransomware and cyber extortion risks to industrial and agricultural infrastructure in the region.” — The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
Confirmed facility shutdowns at two named processing assets indicate a credible cyber-driven business interruption exposure pathway, in addition to first-party and potential extortion elements.
business_interruption_exposure_cyberexposure pathwayvalid from 14 Jun 2026, 16:18Cyber
Market relevance: Highlights cyber-driven BI as a material exposure for industrial/agricultural processing accounts.
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Mackay Sugar is undertaking recovery activities and acknowledges some disruption while recovery occurs.
recovery_underwaycontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Active recovery posture consistent with managed cyber incident response
some disruption while recovery activities occur” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Operational disruption to sugar milling and processing has been reported while recovery activities proceed.
operational_disruption_milling_processingloss eventvalid from 10 Jun 2026, 03:14Cyber
Market relevance: Indicates active business interruption; duration uncertainty limits quantum.
some disruption while recovery activities occur” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media

Uncertain18 lines

Nature of the attack (ransomware, other)
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Extent of operational and financial loss
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Whether data was exfiltrated
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Duration of shutdown
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Insurance claim details
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Available evidence suggests impact is limited to a single regional agricultural processor rather than critical national infrastructure or multi-peril systemic exposure.
scope_likely_regional_not_cnicontextCyber
Market relevance: Caps plausible insured severity; argues against broad market-wide loss expectation
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Source extraction flags a possible third mill reference ('3 mills') alongside the headline stating two mills; narrative and corroborating coverage are consistent on two mills shut down, with no source-body confirmation of a third.
number_of_mills_affected_ambiguitycontextProperty
Market relevance: A third affected facility would marginally raise BI exposure; current evidence supports two.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
The operational and financial loss from the incident has not been disclosed.
financial_loss_undisclosedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Quantum remains unquantified; severity banding held at medium pending disclosure.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Estimated financial loss, insurance claim status, and any ransom demand are not disclosed in available reporting.
financial_loss_uncertainuncertaintyCyber
Market relevance: Limits ability to size insured loss
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
No insurance claim details, carrier involvement, or coverage notification have been publicly disclosed.
insurance_claim_details_undisclosedcontextCyber
Market relevance: Insurance pathway is unconfirmed; no carrier or cover line can be asserted.
Cyber attack shuts down two Mackay Sugar mills” — abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Whether personal or corporate data was exfiltrated has not been confirmed in available sources.
data_exfiltration_uncertainuncertaintyCyber
Market relevance: Drives notification costs, regulatory exposure, and third-party liability under Cyber cover
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Nature of the attack (e.g., ransomware, other intrusion type) is not disclosed in available reporting.
attack_vector_uncertainuncertaintyCyber
Market relevance: Affects whether extortion/ransomware sub-limits apply
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Duration of the mill shutdown and full recovery timeline are not disclosed.
shutdown_duration_uncertainuncertaintyProperty BI
Market relevance: Primary driver of business interruption quantum
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Whether data was exfiltrated in the attack has not been disclosed.
data_exfiltration_undiscloseduncertaintyvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Data exfiltration materially changes third-party liability and notification cost exposure
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
The expected duration of the mill shutdown has not been disclosed.
shutdown_duration_undisclosedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Key driver of BI quantum under property and cyber covers.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
Whether data was exfiltrated in the attack has not been disclosed.
data_exfiltration_status_undisclosedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Material to third-party liability and regulatory notification triggers under cyber covers.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
The specific attack vector (e.g., ransomware, other) has not been disclosed.
attack_vector_undisclosedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Limits loss-pathway certainty; affects ransomware vs. other cyber trigger assessment.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.
No insurance claim details have been disclosed.
insurance_claim_status_undisclosedcontextvalid from 15 Jun 2026, 06:28Cyber
Market relevance: Limits direct market-loss confirmation; event remains indicative for cyber market exposure.
The Record (Cyber) · 10 Jun 2026, 15:18 · trade media
abc.net.au · 10 Jun 2026, 04:30 · mainstream media
Supersession history: 1 prior/revised claim rows.

Affected countries

🇦🇺 Australia

Latest developments

  • No insurance claim details have been disclosed. abc.net.au
  • The financial loss from the incident has not been disclosed. abc.net.au
  • Mackay Sugar has publicly confirmed a cyber security incident affecting its operations. The Record (Cyber)
  • Two Mackay Sugar mills were shut down following the cyber attack. abc.net.au
  • Farleigh Mill was identified as one of the affected facilities. abc.net.au
  • Mackay Sugar is described as Australia's second-largest sugar producer. The Record (Cyber)
  • The incident affected sugar mills in North Queensland, Australia. abc.net.au
  • External cybersecurity experts and local authorities have been engaged to investigate and restore systems. The Record (Cyber)

Timeline

Status Change19 Jun 2026, 07:30

Status changed to monitoring

Auto-transitioned: no updates for 6 hours

active -> monitoring

Corroboration19 Jun 2026, 01:23

Two of Mackay Sugar's sugar mills (Farleigh and Racecourse) were shut down after an overnight cyberattack, with control systems isolated and harvesting halted. The third mill (Marian) had not yet commenced crushing. The incident occurred early in the harvest season, with industry expecting only days of disruption. Insurance significance centres on cyber and potential business interruption exposure for the operator.

Source: r/Mackay (Social / Community) · View source

Status Change19 Jun 2026, 01:23

Status changed to active

evidence_trigger: developing_promotion

developing -> active

Corroboration19 Jun 2026, 01:23

Mackay Sugar, Australia's second-largest raw sugar producer, suffered a cybersecurity incident around June 10, 2026, that halted sugar production at two factories in the Mackay region of Queensland and disrupted sugarcane milling and rail transport. The incident forced farmers to suspend harvesting, with no timeline yet provided for system recovery. The event has potential Cyber and Property/BI exposure for the affected industrial facilities, but loss estimates remain unavailable.

Source: r/CyberIncidentReports (Social / Community) · View source

Status Change15 Jun 2026, 06:28

Status changed to developing

evidence_trigger: corroboration >= 2

signal -> developing

Corroboration15 Jun 2026, 06:28

Australia's second-largest sugar producer suffered a cybersecurity incident affecting parts of its operations, engaging external experts and authorities to investigate and restore systems. The attack disrupted sugar mill operations during the harvest period, creating potential business interruption and cyber liability exposures. The event highlights ongoing ransomware and cyber extortion risks to industrial and agricultural infrastructure in the region.

Source: The Record (Cyber) (Trade Media) · View source

Initial Detection14 Jun 2026, 16:18

Initial Detection

A cyber attack has forced the shutdown of two sugar mills operated by Mackay Sugar in North Queensland, Australia. The incident caused operational disruption to industrial processing facilities, raising concerns about business interruption and cyber insurance exposure for industrial/agricultural processing assets.

Cyber attack shuts down two Mackay Sugar mills

Source: abc.net.au (Mainstream Media) · View source

Lloyd's classifications

Tracking this kind of risk? Get an email when Cyber events escalate.

Get alerts
← Back to live events