GB Group targeted by cyberattack

Haitian conglomerate GB Group (https://gbgroup.com), a pillar of the Haitian economy, was the victim of a massive cyberattack claimed by the ransomware group Dire Wolf. The attackers published 20 GB of confidential data on their dark web site, including strategic, accounting, and HR documents.

📅 Data Leak timeline:

🗓️ May 26, 2025: Sample files released

🗓️ June 15, 2025: Partial leak

🗓️ June 30, 2025: Full disclosure planned

📂 Examples of exposed files (from screenshots and recovered files): SQL Server files + Excel/Word/PDF accounting exports

📊 Investment tracking tables

📑 Internal audit reports

🧾 Bank statements and payroll documents

🏗️ Files on subsidiary management, governance, and financial risk management

🔐 IT compliance files

📂 Compromised data:

🔸 SQL Server databases

🔸 Internal contracts & organizational charts

🔸 Financial statements and Audits

         🔸Banking data (XLSX, DOC, PDF files)

🔸 Accounting spreadsheets and tenant lists

🔸 Confidential Odoo and ERP documents

🕵️‍♂️ The leak includes sensitive files related to Bin Faqeeh Real Estate Investment Company, account statements, lease agreements, customer credentials, and important financial files (e.g., Bank Accounts.xlsx, Tenant master format.xlsx, Breaker OS SC Tally Export.xlsx).

⚠️ This attack confirms a worrying trend: ransomware groups are increasingly targeting regional conglomerates and critical infrastructure in the LAC region, including Haiti.

Source: Adama ASSSIONGBON, ThreatIntel Specialist