Big Steel Sheet Manufacturer Struck by Maze Ransomware

  • The Maze ransomware group has hit HSG, one of the largest steel sheet makers in Asia.
  • The actors have leaked 5% of the stolen data, exposing the faces and documents of HSG employees.
  • Maze has also compromised the systems of Manson Marine Construction in the United States.

The Maze ransomware gang is so extensive and active right now that we have to select which stories to report and which ones to leave aside. One of their most prominent recent breaches involves the “Hoa Sen Group” (HSG), a big steel sheet manufacturer in Southeast Asia. The malicious actors have already leaked several pieces of sensitive information to initiate their typical extortion process. The demanded ransom is unknown, but considering the size of HSG, it must be an astronomical figure.

The Hoa Sen Group is one of the largest steel sheet manufacturers in Southeast Asia, employing 7,100 people across 343 locations, and having a yearly revenue of $1.18 billion. Maze managed to break in HSG’s systems and steal about 33 GB of data. At this stage, the group leaked 1.64 GB of sensitive information, including files that expose the company’s employees.

There are pictures of HSG employees, a large number of employment letters, resumes, academic documents, identity cards, etc. Cyble discovered the data by roaming around the usual Maze portals, so here are some screenshots of the leaked data.

id card
Source: Cyble

Source: Cyble

Source: Cyble

In parallel, another handle of Maze breached American marine construction service provider “Manson,” who hasn’t disclosed the incident publicly yet. This report comes from Shadow Intelligence, who found the associated data dump with the note that it’s the entire (100%) stolen dataset. Manson cannot compare in size to HSG, but they are still a large entity employing 700 people and having annual revenues of $369 million.

The fact that Maze proceeded to release the full dump, though, is an indication that the extortion procedure didn’t go the way the actors hoped for, so they just published everything as a punishment.

Maze is one of the most troubling ransomware families out there, along with REvil, Netwalker, and DoppelPaymer, hitting victims with file encryption and data leak extortion. Especially for large firms like the Hoa Sen Group, plugging all potential entry points and securing their entire attack surface is a difficult feat.

Malicious actors are going after these behemoths since one successful attack could make them enough money to never engage in this activity again. This is why these firms receive multiple knocks daily and can’t just pay their way to peace of mind.

How to Watch European Beach Volleyball Championships 2022 Online From Anywhere
The 2022 European Championships are in full swing, and the European Beach Volleyball Championships are about to reach crunch time. With 128...
How to Watch Homicide Hunter: Never Give Up Online From Anywhere
Lt. Joe Kenda enthralled audiences with tales from the hundreds of murder cases he investigated throughout the 9 seasons of Homicide Hunter....
How to Watch Hotties Online From Anywhere: Stream the Blind Date Food Competition Series
If you like blind date reality shows as much as cooking competitions and extremely spicy food, you'll most probably love this new...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari