The Revil ransomware gang is reportedly claiming to have stolen various databases and other important data from MasMovil, a Spanish mobile operator company.
MasMovil Ibercom SA, Spain’s fourth-largest telecom operator, is the latest victim of the Revil ransomware gang.
On its Tor leak site, the ransomware gang claimed to have “downloaded databases and other important data” from a major telecommunication company. To prove they mean business, the group published screenshots of the folders they claim to have obtained from MasMovil, among them Backup, PARLEM, RESELLERS, and OCU folders.
MasMovil has acknowledged the ransomware attack took place; but said Revil did not demand a ransom from the company, yet.
Revil is a ransomware operation that, similarly to other ransomware groups, uses modus operandi that includes stealing data, encrypting servers, and demanding ransom payment. Revil specializes in stealing sensitive information from high-profile individuals and organizations and is known to ask record high ransoms.
The group was behind the breach against Apple’s partner Taiwanese firm Quanta in April 2021 and the attack on the technology giant Acer that resulted in Apple being extorted with a $50 mln payment demand.
MasMovil is a Spanish telecommunication company with a network that reaches 18 million households with ADSL and 26 million with optical fiber, while its 4G mobile network covers 98,5% of Spain.
MasMovil is primarily engaged in the telecommunication sector and focuses on the sale and distribution services for Internet, Data Center, and Telecommunications. The company also owns Yoigo, Pepephone, Llamaya, and Lebara brands.