Play crime group lists Algorry Zappia & Associates as a data breach victim

The Play ransomware group has issued a threat to release the data of an Sydney based engineering firm Algorry Zappia & Associates. 

Play group asserts that they have gained unauthorized access to an undisclosed amount of the company's data. The group added Algorry Zappia & Associates to their darknet leak site, and  intend to publish the data on August 16th.

Algorry Zappia & Associates is involved in various projects like multi-level apartment complexes, warehouses, and service stations. The engineering firm website also provides several online services, including functions like invoice payments, building inspections, and secure document transfers. These services offer insights into the type of data that the Play group may have acquired and could potentially release this week. The ransomware group alleges to possess a range of sensitive information, including private and confidential data, client and employee documents, as well as financial records. The very mention fo secure document transfers may be an intro into another MOVEit or GoAnywhere incident.

The Play ransomware gang, which has been operational since June 2022 predominantly targets entities in South America. The modus operandi of the Play group typically involves exploiting a set of vulnerabilities to initially breach Microsoft Exchange environments, followed by escalating access and establishing persistence within the compromised network.

No confirmation nor statement is available from Algorry Zappia & Associates.