Ransomware Group: BABUK2

VICTIM NAME: bank[.]pingan[.]com (CN) By Babuk Locker 2[.]0

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BABUK2 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page related to the victim, Ping An, a conglomerate based in China, presents significant details regarding sensitive information that has allegedly been compromised. The provided contents highlight the type of data accessed, which includes intricate details related to insurance coverage. Specifically, this stolen data allegedly contains policyholder names, identification numbers, coverage periods, and financial amounts tied to various insurance policies. This information encompasses the coverage details for individuals insured under the company, including monetary limits for medical expenses, accidental death, and disability benefits. The page implies serious implications for clients due to the sensitive nature of the healthcare and financial data involved.

In addition to the data description, the page suggests that the perpetrators are threatening to publish approximately 900 GB of data if communication is not established. This threat underscores the critical issue of data security and the potential ramifications for victims should such sensitive data be released publicly. Moreover, the page includes an image that likely portrays certain internal documents or indicative elements of the breach. Although there are download links available for various services mentioned, such as sessions and support contacts, actual downloadable content appears to be unverified. As the situation develops, the implications for Ping An’s operations across its banking, insurance, and healthcare sectors may become increasingly severe.