The Rhysida ransomware group has allegedly targeted Alascom, an Italian company specializing in ICT and industrial automation. The company, which has been operating for over two decades, is known for its role as a system integrator and supplier of technical consulting services, with deep expertise in telecommunication networks and IP technologies. The ransomware group has added Alascom to its dark web leak site, claiming responsibility for the cyberattack.
Rhysida has initiated an auction for the data allegedly exfiltrated from Alascom’s systems, setting a 7-day deadline for potential buyers. The group is demanding 5 BTC for the data package, stating that it contains “exclusive, unique, and impressive data” which will be sold to a single buyer to ensure exclusivity. This tactic is designed to create urgency and pressure the victim company or interested third parties into paying the ransom.
As proof of the breach, the Rhysida group has published a sample of the stolen files. The exposed data allegedly includes a variety of sensitive information, suggesting a deep compromise of the company’s network. The sample files contain:
- Financial documents, including invoices and VAT summaries.
- Scans of employee identification documents and passports.
- Corporate purchase orders, some of which appear to involve major telecommunications partners like Nokia.
