Ransomware Group: FOG

VICTIM NAME: Ouro Verde (ouroverde[.]net[.]br)

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FOG Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with Ouro Verde has revealed a significant amount of sensitive information. While specific dates of the compromise are unspecified, the page indicates a breach that has exposed about 4 GB of data. Among the documents listed are financial records, which may include sensitive details such as employee and customer contact information. Notably, the documents contain CNPJ and CPF numbers, which are identifiers used in Brazilian tax and corporate registration systems. This data could pose serious risks of identity theft and fraud for those affected.

Ouro Verde, a leading Brazilian company in the car and equipment rental and service industries, operates through fleet outsourcing agreements ranging from two to seven years. With annual revenue reported at approximately $460 million, the exposure of such critical data could have substantial financial and reputational impacts on the company’s operations. The presence of various categories of files further indicates a deep breach that encompasses both personal and corporate data, heightening the seriousness of the incident. The leak highlights the vulnerabilities that organizations face in safeguarding sensitive information against cyber threats.