Revenge telecom hacking by DESORDEN Group; third attack threatened
DESORDEN Group has added a new transparency demand to their attacks against Malaysian entities: victims must disclose the breach publicly if they have not paid the attackers. If the victim doesn’t disclose and Malaysian media does not report the incident, Malaysia should expect more breaches.
The added demands arose after DESORDEN claimed they spent hours answering questions from a Malaysian journalist about the redONE telecom breach. The journalist then supposedly told them that they needed to seek permission from a higher authority before their paper could publish a data breach of a telecom in Malaysia. DataBreaches does not know whether a journalist or paper needs any such authorization or if there was some misunderstanding of what was said. Still, it does appear that the hack of redONE was not reported by any Malaysian news outlet. If redONE has not disclosed and does not disclose, affected customers and employees may not know that their data has been stolen, leaked, and possibly sold.
redONE never responded to inquiries DataBreaches sent about the incident.
A Second Telecom Hacked
In response to the lack of transparency and coverage, DESORDEN hacked a second Malaysian telecom.
“We take responsibilities for the hack and data breach of REDTONE DIGITAL BHD NETWORK (www.redtone.com) on 1st October 2022,” their latest post on a hacking forum begins.
“This attack is in response to the cover-up of the first telecommunication company redONE Network Sdn Bhd (www.redone.com.my) which we breached on 19th September 2022….”
DESORDEN’s post states that REDTONE DIGITAL BHD NETWORK is the previous owner of redONE.
As they have done previously, DESORDEN provided samples of data they claim to have exfiltrated. They do not indicate how many files, in total, they have. Nor do they indicate whether they intend to sell or leak the data.
Their message is clear, though:
If Malaysian journalists continue to cover up the data breaches, Malaysians can expect a 3rd telecom company attack.
As of this morning, DataBreaches cannot find any media coverage in Malaysia of either the redONE or redTONE breaches.
DataBreaches submitted an inquiry to redTONE, but no reply was immediately received. This post will be updated if a response is received.