Trending

ee-track">
Link copied!

Maze ransomware operators allegedly struck provincial electricity authority and mark’s plumbing parts – data leak

Update as of 06/19/2020: Maze ransomware operators, who are one of the well-known ransomware groups targeted two well-established organisations and leaked their confidential data on their website. Previously the Cyble Research Team verified and reported the data…

June 19, 2020 · 2 min read

Update as of 06/19/2020: Maze ransomware operators, who are one of the well-known ransomware groups targeted two well-established organisations and leaked their confidential data on their website.

Previously the Cyble Research Team verified and reported the data leak of seven well-known organisations which were been made by the Maze ransomware group. But in this instance, the ransomware group leaked highly sensitive data and documents of the Provincial Electricity Authority and Mark’s Plumbing Parts. The Provincial Electricity Authority (PEA) is a Thai state enterprise under the Ministry of Interior. Established on 28 September 1960 by the Provincial Electricity Authority Act 1960, PEA is responsible for providing electricity in 74 provinces in Thailand. Since 1980, Mark’s Plumbing Parts has been a supplier of quality plumbing specialty repair parts, faucets, fixtures, and maintenance supplies catering to the institutional, hospitality, educational, and housing markets for over 30 years.

Below are the snapshots of the messages posted by the Maze ransomware operators on their website.

Screen Shot 2020 06 22 at 1.37.24 pm
Screen Shot 2020 06 22 at 1.38.15 pm

The Cyble Research Team has identified and analysed both the data leaks of around 13GB. The data leak includes the company’s annual audit documents, bank reconciliation statements, goods resale registration docs, invoices, and much more. Below are the snapshots of some of the leaked data of the organisations published online.

Screen Shot 2020 06 22 at 1.58.17 pm
Screen Shot 2020 06 22 at 1.56.15 pm
Screen Shot 2020 06 22 at 1.57.12 pm

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.

About Cyble:

report-ad-banner

Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks.

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams