Ransomware Group: BABUK2

VICTIM NAME: forvismazars[.]com[.]fr ( mazars[.]fr ) By Babuk Locker 2[.]0

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BABUK2 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the company known as Mazars provides alarming insights into the data that has allegedly been compromised. Reports indicate that approximately 33GB of sensitive information has been extracted from their systems, including client and employee details. Additionally, the page threatens to publish up to 1 terabyte of sensitive data if a resolution is not met. This company, which boasts a reported revenue of €2.8 billion in 2022, has been challenged to respond to this breach of their privacy and security measures. The originating threat actor is identified as Babuk Locker 2.0, indicating a sophisticated cybercriminal group involved in this incident.

Mazars operates as a global provider of audit, accounting, and consulting services, employing over 40,400 professionals across 91 countries. Based in France, Mazars differentiates itself by publicly publishing financial statements, which is relatively rare in their field. The leaked page also alludes to illegal activities associated with this firm, including allegations of money laundering, urging potential partners to reconsider their associations with Mazars. The threat actor has claimed that previous sensitive data leaks from the company were posted and warns that further actions will follow without negotiations. This situation underlines significant cybersecurity risks facing large enterprises, raising concerns about the integrity of data handling practices in the industry.