FalconFeeds.io, a cybersecurity services provider under Tsanct Technologies Pvt Ltd, reported that a ransomware group, RansomHub, has breached the systems of Prasarana Malaysia Berhad (RapidKL, RapidBus) and allegedly stole 316GB of the organisation’s data. The group also plans to publish the data in the next six to seven days.
Prasarana responded to the news today, stating that its cybersecurity team has identified the incident and is actively addressing it, involving unauthorised access to some of its systems.
“We are managing the situation and working with cybersecurity experts to investigate and implement mitigation steps. Our priority is the safety and reliability of public transportation services. We confirm that this incident does not affect our daily operations,” the statement read.
Prasarana also noted that it’s collaborating with the National Cyber Security Agency (NACSA) and CyberSecurity Malaysia to ensure all necessary measures are being taken. This joint effort aims to provide a comprehensive response and protect its systems.
“We will continue to provide updates as necessary. Our focus remains on resolving the issue promptly while ensuring that our services continue to meet the public’s needs,” the statement concluded.
Who is RansomHub?
RansomHub is regarded as one of the most prolific ransomware groups currently active. It runs a Ransomware-as-a-Service (RaaS) model, where the core team develops and upholds the ransomware code and infrastructure, which is then leased to other cybercriminals serving as affiliates.