SARCOMA RANSOMWARE STRIKES SUNTRUST PROPERTIES

Threat Actor: Sarcoma Ransomware | Sarcoma Ransomware
Victim: Suntrust Properties | Suntrust Properties
Price: Not disclosed
Exfiltrated Data Type: Personal and corporate data, including IDs and SQL databases

Key Points :

  • Attack launched on October 10, 2024, compromising 1TB of data.
  • Exfiltrated data includes PRC IDs, government-issued IDs, signed legal documents, and SQL databases.
  • Suntrust Properties is a leading real estate developer in the Philippines, established in 1997.
  • The breach was first reported in mid-September 2024, with Sarcoma Ransomware later claiming responsibility.
  • No official statement has been released by Suntrust Properties regarding the breach.

Date Published: October 10, 2024

Sarcoma Ransomware, a newly identified threat actor, has launched an attack on Suntrust Properties, compromising personal and corporate data. A massive 1TB of information, including files and SQL databases, has been exfiltrated and exposed by the attackers.

The ransomware group has released samples of the compromised data, which include:

• Professional Regulation Commission (PRC) IDs of employees and clients
• Government-issued IDs (e.g., driver’s licenses and police identification cards)
• Signed legal documents such as property transaction contracts and buyer acceptance forms
• SQL databases containing corporate data related to real estate operations

About Suntrust Properties:

Suntrust Properties, Inc. (SPI), established in 1997, is a leading real estate developer in the Philippines and a subsidiary of Megaworld Corporation. SPI has developed numerous residential and commercial projects across the country, focusing on affordable housing. In 2018, the company expanded its portfolio by acquiring Stateland, Inc., further cementing its presence in the industry. Today, Suntrust operates over 50 developments nationwide, catering to the modern Filipino lifestyle.

According to our breach notification log, Suntrust Properties was first reported to be breached in mid-September 2024. At the time, no group had claimed responsibility, leaving the incident unverified. Recently, Sarcoma Ransomware has surfaced as the group behind the attack, revealing the full extent of the breach.

Deep Web Konek has informed Suntrust Properties of the incident, but there has been no official statement from the company regarding the breach at this time.

Source: https://kukublanph.data.blog/2024/10/10/sarcoma-ransomware-strikes-suntrust-properties/