Grupo NGN

Group: alphv

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2022-12-01

Description:

Grupo NGN has refused to protect their customers' data and access to their networks. This link (TOR) contains Grupo NGN's random files: http://qojfcbvlumvzmiu4tyixawquk6bjiwv74aeaubxwtq7rmw4qq7sv2jad.onion/GRUPGN/

Auction ends Dec. 8 for all sensitive data of Grupo NGN and their customers, including:
  • Access to multiple networks of Grupo NGN clients (with their networks secured, password changes will not help defend against an attack)
  • NDA documents and records of Grupo NGN customers' conversations
  • Personal data about employees and customers of Grupo NGN
  • Financial information of Grupo NGN and their clients that can be used for criminal purposes

To participate in an auction to purchase Grupo NGN and their customer data, you can email: grupongndatasale@proton.me

GRUPONGN.COM HACKED. MORE THAN 200GB OF SENSITIVE DATA STOLEN.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse ionos.com
MX Records
  • grupongn.in.tmes.trendmicro.com.
  • grupongn-com.mail.protection.outlook.com.
TXT Records
  • MS=ms79953845
  • v=spf1 include:transmail.net include:spf.protection.outlook.com include:mail.zohoanalytics.com include:zcsend.net include:zeptomail.net include:spf.tmes.trendmicro.com include:spf-us.emailsignatures365.com include:ngncontactcenter.onmicrosoft.com include:" "mailgun.org ip4:162.252.248.0/22 ~all
  • site24x7-signals-domain-verification=dcb2bbe383244f773a1b196133ecc4a5
  • google-site-verification=nqARhc2cpGDO5iZGfYkFIu6WYEHhVOlUluaP8McgxBA
  • facebook-domain-verification=3ysldmhoh8ixildbqjm4fnzoi4q9c5
  • hes=b60467ef1949b47f3eded4095ec9bf91
Cloud / SaaS Services Detected
  • Microsoft 365
  • Mailgun
