BlackCat/ALPHV Ransomware Victim: GMM Grammy Public Company Limited

Description

• GMM Grammy – the media company with the lowest level of security in Asia. GMM Grammy’s critical sensitive data is downloaded to our servers and encrypted, only we have access to decrypt this data. All data is ready to be uploaded into the public domain automatically in 48 hours after the attack. GMM Grammy has a chance to recover their data and protect their customers and employees from having their data used for criminal purposes. GMM Grammy management is aware of this incident and have all the information they need to contact us. Critical information of GMM Grammy and its partners, clients, musicians and showbiz stars will be fully disclosed and available to anyone who wishes to access it if GMM Grammy does not contact us within 48 hours. The information we have is capable of completely disrupting GMM Grammy’s business, severely harming the showbiz stars doing business with them and implicating all GMM Grammy clients in cases of lawbreaking using their personal information. ATTTENTION! GMM Grammy has 48 hours from the time of the attack on them. If they do not contact us within that time, they will face dire consequences for their business and reputation. GMM Grammy management is in full possession of all information to resolve this matter and their failure to act will constitute a direct consent to the distribution and criminal use of their customers, show business stars and product users’ information. GMM Grammy management should understand that this incident is just business. Business is about keeping sensitive and personally identifiable user and customer data secure by companies that do not treat it with respect for their customers and their privacy. Having all access to all resources of GMM Grammy (YouTube, Facebook, Google, all accounts of social networks and cloud storages) we did not attack from this side, having all possibilities, this step shows our intentions – to make user data storage by big companies a completely safe process. At the same time we can not influence the outcome of this incident as all negative consequences will be launched by GMM Grammy’s fault without our participation if GMM Grammy will not contact us and solve this problem within 48 hours. If GMM Grammy does not contact us in the specified time, there will be many negative consequences due to their fault: – The administration of King of Thailand will be informed about this incident. The King of Thailand will be provided all evidence of GMM Grammy’s guilt in this incident and their initiative to use their customers’ data to launder money for their own commercial interests – The users of the services provided by GMM Grammy through its affiliated companies (TV, film studios, equipment and technical solutions) will be involved in money making in China, USA, Thailand and throughout Asia using their personal data – All personal data of the showbiz stars and musicians contracted by GMM Grammy will be made public – All technical developments and their descriptions, githubs and source codes will be uploaded to the largest hackers’ forums of the world, followed by attacks on all GMM Grammy clients and GMM Grammy’s entire product system – All legal documents including contracts, agreements, NDA documentation will be made publicly available, and a link to download them will be sent to hundreds of journalists in major media outlets around the world – A mass social media alert will be launched all over Asia about the incident, with links to all the materials. Thousands of bots will spread information about the incident to millions of people in Asia – All GMM Grammy vulnerabilities will be reported to multiple hacker groups, so if GMM Grammy fails to contact us within 48 hours, they will be targeted in massive attacks. At this time, GMM Grammy’s management, with all the information about this incident, is making the choices it believes in and is making the decision regarding the security of their clients’ data that it wholeheartedly supports. We hope that GMM Grammy’s customers will react favorably to this decision, and that their personal information will remain protected. If GMM Grammy makes the right decision and protects its customers’ information on our terms, we will provide them with full information about the vulnerabilities in their system with detailed recommendations on how to fix them. Also, if GMM Grammy contacts us within 48 hours of the attack and meets all data recovery conditions, this blog will not be published and they will have the opportunity to fully recover their data and remove it from our servers. If this blog is published, it is proof of GMM Grammy’s complete culpability for all the consequences of this incident, as well as their culpability for all the terrible consequences their customers and partners will face.