Ransomware Group: BLACKBASTA

VICTIM NAME: plasmatherm[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKBASTA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page for the victim, identified as Plasma-Therm, details a significant data breach affecting a prominent manufacturer in the technology sector, specifically in advanced plasma-processing equipment for the semiconductor industry. Established over 50 years ago, Plasma-Therm provides critical technologies for applications such as semiconductor packaging, solid-state lighting, and renewable energy. The leaked data is substantial, with an estimated size of 1.5 TB, including sensitive financial data, contracts, personal employee information, project CAD files, and research and development documents. This incident highlights serious cybersecurity vulnerabilities faced by the company.

The breach was made public on January 11, 2025, and is associated with the Black Basta group, a known entity in ransomware activities. The leaked content encompasses various categories, detailing confidential and proprietary information that could have serious implications for the company and its stakeholders. Furthermore, the group has reported that multiple user accounts had been compromised, with some references made to employees’ and customers’ data. The situation requires immediate attention from Plasma-Therm to mitigate the potential risks associated with this data compromise and to enhance their cybersecurity measures going forward.