Ransomware Group: APT73

VICTIM NAME: federalbank[.]co[.]in

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the APT73 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page from an incident involving a prominent Indian financial services institution reveals a significant data compromise affecting a vast number of users. Specifically, the leak encompasses data for approximately 4,066 users, alongside extensive details about customers, including identifiers typically associated with banking information. The data extracted showcases a comprehensive array of personal information field entries, illustrating the potential risk to user privacy. Additionally, there are 66 employees and 36 third-party entities mentioned, which could imply broader implications for associated businesses and contractors. The discovered date of the breach is noted as December 20, 2024, which aligns with the published date of the leak.

The posted content highlights that sensitive personal data, potentially including names, dates of birth, and identification numbers such as PAN and passport references, has been exposed. The leak is further substantiated by a screenshot depicting elements of internal documents, affirming the authenticity of the information disclosed. Despite the leakage of such sensitive material, no specific download links were mentioned on the page. The incident is attributed to a group operating under the alias “apt73,” underscoring the organized nature of the attack. Given the large volume of exposed data, this incident poses extensive cybersecurity concerns for the financial services sector, necessitating rigorous responses from both the institution’s management and industry regulators.