Ransomware Group: FUNKSEC

VICTIM NAME: mandiricoal[.]net

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FUNKSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page related to mandiricoal.net reveals a significant data breach attributed to the Funksec ransomware group. It announces the availability of a database for download that contains sensitive information, highlighting full tables including doc_comment_data, payments, doc signs, users, timesheet, wfo data, and comments. This leak underscores the magnitude of the breach and the potential impact on the company and its stakeholders. The presence of a downloadable database raises serious concerns about the exposure of confidential data which could be exploited in various ways.

Mandiricoal.net is associated with Mandiri Coal, a coal mining entity operated by PT Mandiri Intiperkasa, part of the larger PT Prima Andalan Mandiri Tbk, based in Indonesia. The company is involved in mining activities within Nunukan, North Kalimantan, and is known for producing coal with environmentally friendly characteristics, such as low ash and sulfur content. Mandiri Coal focuses on sustainable practices and is committed to adhering to ISO certifications related to quality, safety, and environmental management. The breach of their data is particularly concerning given their operations in a critical industry where trust and confidentiality are paramount.

The page also includes a screenshot of the website’s interface, emphasizing the seriousness of the breach and potentially revealing more about the type of data that has been compromised. While specific download links for the leaked data are mentioned, they have not been provided here to maintain safety and confidentiality. The incident serves as a stark reminder of the vulnerabilities even established companies face in an increasingly digital landscape.