Malabar Gold & Diamonds, a prominent jewelry retailer based in India, is currently embroiled in a suspected data breach allegedly orchestrated by the notorious Snatch ransomware group.
Reports suggest that the syndicate has claimed responsibility for infiltrating the company’s systems, extracting a significant volume of data totaling 270 GB.
Established in 1993 by M. P. Ahammed, Malabar Gold & Diamonds is an Indian jewelry conglomerate headquartered in Kozhikode, Kerala. With over 330 showrooms spanning 11 countries, it stands as one of the globe’s premier chains of jewelry retailers.
The Snatch ransomware group, known for its aggressive tactics and targeting high-profile entities, has added Malabar Gold & Diamonds to its data leak site with a long story about its founder and CEO.
Malabar Gold & Diamonds Data Breach Claimed by Snatch Ransomware
According to posts shared by the threat actors, the Malabar Gold & Diamonds data breach allegedly includes sensitive information about key figures within Malabar Gold & Diamonds, including Mr. M. P. Ahammed, the esteemed chairman of the Malabar Group of Companies and founder of Malabar Gold and Diamonds.
The leaked data purportedly contains details about the company’s financial performance, turnover figures, and background information about its leadership.
“Let us start with the CEO of Malabar Gold and Diamonds – so meet Mr. Ahammed: M. P. Ahammed (born 1 November 1957) is an Indian businessman and the chair of Malabar Group of Companies. He is also the founder of Malabar Gold and Diamonds, one of the world’s largest retail jewelry groups”, reads the threat actor post.
Mr Ahammed, a prominent Indian businessman renowned for his entrepreneurial acumen, has steered Malabar Gold & Diamonds to remarkable success over the years. However, this alleged Malabar Gold & Diamonds breach targets the legacy of the renowned jewelry retailer.
Malabar Gold & Diamonds Breach Reaches the US Branch
Furthermore, the Snatch ransomware group has also disclosed information about Mr. Joseph Eapen, who oversees US operations at Malabar Gold & Diamonds.
The leaked data reportedly includes Eapen’s contact details and professional information, raising concerns about the potential exploitation of sensitive personal information.
In response to these alarming developments, The Cyber Express reached out to Malabar Gold & Diamonds for official comment or clarification regarding the alleged data breach. However, as of the time of writing, no statement or response has been received from the organization.
The lack of an official response leaves the claims surrounding the Malabar Gold & Diamonds data breach unverified. This is an ongoing story and TCE will be closely monitoring the situation.
We’ll update this post once we have more information on the Malabar Gold & Diamonds data breach or any official confirmation from the organization.
Snatch Ransomware Group Targeting Global Companies
The Snatch ransomware group, known for attacking global companies, has claimed responsibility for this cyberattack on Malabar Gold & Diamonds.
Taking consideration into the recent exploits, Both the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory last year, warning about the group’s ransomware-as-a-service operation.
Despite not having a high profile, the advisory highlights the seriousness of the threat posed by Snatch. Targeting various sectors, including defense, agriculture, and IT, Snatch employs double extortion tactics.
Originally emerging in 2018 as Team Truniger, the group operates through command-and-control servers in Russia and attempts to bypass antivirus protections by rebooting Windows PCs into safe mode.
The group’s recent victims include, Banco Promerica, Tyson Foods, an alleged US President data leak related to Joe Biden, his son Hunter Biden, and First Lady Jill Biden and the infamous Tampa General Hospital data breach.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
