Big Steel Sheet Manufacturer Struck by Maze Ransomware

  • The Maze ransomware group has hit HSG, one of the largest steel sheet makers in Asia.
  • The actors have leaked 5% of the stolen data, exposing the faces and documents of HSG employees.
  • Maze has also compromised the systems of Manson Marine Construction in the United States.

The Maze ransomware gang is so extensive and active right now that we have to select which stories to report and which ones to leave aside. One of their most prominent recent breaches involves the “Hoa Sen Group” (HSG), a big steel sheet manufacturer in Southeast Asia. The malicious actors have already leaked several pieces of sensitive information to initiate their typical extortion process. The demanded ransom is unknown, but considering the size of HSG, it must be an astronomical figure.

The Hoa Sen Group is one of the largest steel sheet manufacturers in Southeast Asia, employing 7,100 people across 343 locations, and having a yearly revenue of $1.18 billion. Maze managed to break in HSG’s systems and steal about 33 GB of data. At this stage, the group leaked 1.64 GB of sensitive information, including files that expose the company’s employees.

There are pictures of HSG employees, a large number of employment letters, resumes, academic documents, identity cards, etc. Cyble discovered the data by roaming around the usual Maze portals, so here are some screenshots of the leaked data.

id card
Source: Cyble

Source: Cyble

Source: Cyble

In parallel, another handle of Maze breached American marine construction service provider “Manson,” who hasn’t disclosed the incident publicly yet. This report comes from Shadow Intelligence, who found the associated data dump with the note that it’s the entire (100%) stolen dataset. Manson cannot compare in size to HSG, but they are still a large entity employing 700 people and having annual revenues of $369 million.

The fact that Maze proceeded to release the full dump, though, is an indication that the extortion procedure didn’t go the way the actors hoped for, so they just published everything as a punishment.

Maze is one of the most troubling ransomware families out there, along with REvil, Netwalker, and DoppelPaymer, hitting victims with file encryption and data leak extortion. Especially for large firms like the Hoa Sen Group, plugging all potential entry points and securing their entire attack surface is a difficult feat.

Malicious actors are going after these behemoths since one successful attack could make them enough money to never engage in this activity again. This is why these firms receive multiple knocks daily and can’t just pay their way to peace of mind.

How to Watch The Famous Five Online for Free: Stream the 2023 Series from Anywhere
The Famous Five is a new original series inspired by Enid Blyton’s children’s novels. The title premieres on December 9, 2023, on...
How to Watch Ben Roberts-Smith: Truth on Trial Online from Anywhere
Ben Roberts-Smith: Truth on Trial is an upcoming documentary that centers around the investigative findings by journalists Nick McKenzie and Chris Masters...
How to Watch Yes, Chef! Christmas Online from Anywhere
Yes, Chef! Christmas follows Alicia, a culinary school instructor with no goals or aspirations. When Alicia receives an invitation to compete in...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari