Threat actors tried the double-extortion method, replete with trying to get media coverage.
“ALTDOS,” as they call themselves, contacted a number of news outlets in Thailand and announced that they had attacked CGSEC on December 4.
Its sensitive financial & customer database was stolen and files are encrypted.
All of their financial records and client’s sensitive information are already stolen.
Source: https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/
TPRM report: https://scoringcyber.rankiteo.com/company/country-group-securities-public-company-limited
"id": "cou156121122",
"linkid": "country-group-securities-public-company-limited",
"type": "Cyber Attack",
"date": "12/2020",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'location': 'Thailand',
'name': 'CGSEC',
'type': 'Company'}],
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Financial Records',
"Client's Sensitive "
'Information']},
'date_detected': '2023-12-04',
'description': 'Threat actors known as ALTDOS conducted a double-extortion '
'attack on CGSEC, stealing sensitive financial and customer '
'data and encrypting files. They also attempted to gain media '
'coverage by contacting news outlets in Thailand.',
'impact': {'data_compromised': ['Financial Records',
"Client's Sensitive Information"]},
'motivation': 'Financial Gain, Media Attention',
'ransomware': {'data_encryption': True, 'data_exfiltration': True},
'threat_actor': 'ALTDOS',
'title': 'ALTDOS Cyber Attack on CGSEC',
'type': 'Double-Extortion Ransomware'}