The Alphalocker ransomware group, a known Ransomware-as-a-Service (RaaS) operation, has claimed responsibility for breaching multiple international companies. The threat actor has begun leaking data from the compromised organizations on its dark web leak site.
The latest list of alleged victims posted by the group includes:
- Automotive Manufacturers Private Limited (AMPL) (🇮🇳): A major Indian automotive group based in Mumbai. Founded in 1948, AMPL is a dealer for numerous brands, including Kia, Maruti Suzuki, and Audi.
- Bäckerei-Konditorei Unterkofler GmbH (🇦🇹): A prominent Austrian bakery and confectionery company. Founded in 1971, the family-run business operates several bakery and café locations. The actors claim to have stolen 117 GB of data from this victim.
According to the actors, data has been exfiltrated from both organizations and is being published to pressure the victims. Screenshots of the allegedly compromised data have been released, showing a wide array of sensitive files.
The compromised data appears to include:
- Financial records, including audits, balance sheets, and GST working files
- Bank statements and reconciliation documents
- Insurance policies and related documents
- Customer and dealer confirmation balances
- Internal operational files, including VAT orders and service reports
- Compressed archives (
.zip) containing backups or departmental data
