Ransomware Group: BLACKBASTA

VICTIM NAME: g-s[.]co[.]uk

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKBASTA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page regarding Graham + Sibbald, a prominent property consultancy service in the UK, details a significant data breach involving various types of sensitive information. The group responsible for the attack is identified as “blackbasta.” The leaked data is extensive, totaling approximately 1.5 terabytes and includes personal documents belonging to both employees and clients, financial data, and other corporate information. The discovery of this breach was recorded on December 4, 2024. Furthermore, the page indicates that some user data was compromised alongside corporate and important personal records, underscoring the severity of the incident.

The page features a description of Graham + Sibbald’s community engagement initiatives, emphasizing its long history of supporting local schools and providing career opportunities. It indicates that the company engages in activities such as work placements for secondary school students and participation in career fairs. However, this focus on community benefits contrasts sharply with the recent ransomware attack. A screenshot of internal documents purportedly related to the breach accompanies the leak announcement, further illustrating the ramifications of such compromises. It is important for the cybersecurity community and the affected organization to address the vulnerabilities that allowed for this data theft to occur.