The Everest ransomware group claims to have breached multiple organizations, listing them on their data leak site with countdown timers for data publication. The latest list of alleged victims posted by the group includes:
-
IDeaS (🇺🇸): A prominent revenue management software and services provider, and a subsidiary of SAS.
-
Bolttech (🇸🇬): A major international insurtech exchange and unicorn headquartered in Singapore.
-
DESY (🇩🇪): The Deutsches Elektronen-Synchrotron, a national research center in Germany specializing in particle physics and accelerators.
According to the actor, they have exfiltrated significant amounts of sensitive information from the victims. The allegedly compromised data includes:
-
IDeaS (603GB):
-
Demand forecasts and pricing models
-
Booking curves and property inventory
-
Historical performance metrics
-
SAS tables and SQL databases
-
Internal algorithmic parameters and inputs
-
-
Bolttech (186GB):
-
Employee and agent accounts (emails, names, roles, identifiers)
-
Customer information and contact details
-
Policy data and mortgage-related records
-
Insured property addresses
-
Financial parameters and internal operational identifiers
-
