The Thai Ministry of Labour (MOL) has allegedly become the latest victim of the notorious DEVMAN ransomware group. The group has claimed to have exfiltrated 300GB of sensitive data and is demanding a $15 million ransom. The Ministry of Labour is a critical government body in Thailand, responsible for overseeing labor relations, social security, and employment services for the nation’s workforce. The potential compromise of such an institution raises serious concerns about the security of sensitive citizen and government data.
The DEVMAN group, known for its double-extortion tactics of encrypting files and threatening to leak stolen data, announced the breach on its dark web leak site. While the full extent and nature of the compromised data have not been publicly disclosed, the attackers have pointed to specific government domains as evidence of their intrusion. This incident highlights the persistent and evolving threat that ransomware poses to public sector organizations worldwide, often crippling essential government services and exposing sensitive information.
This attack serves as a stark reminder of the importance of robust cybersecurity measures for government agencies. The Thai government has not yet issued a formal statement regarding the alleged breach. The long-term consequences of this attack could be significant, potentially leading to identity theft, financial fraud, and a loss of public trust if sensitive personal and employment-related data is released.
