Blaise Arbouet

June 25, 2025 · 1 min read

GB Group targeted by cyberattack

GB Group targeted by cyberattack

Haitian conglomerate GB Group experienced a significant breach when the ransomware group Dire Wolf claimed responsibility for the attack. The threat actors published approximately 20 GB of sensitive organizational data on the dark web.

Data leak timeline

  • May 26, 2025 — initial sample files released
  • June 15, 2025 — partial disclosure occurred
  • June 30, 2025 — complete disclosure planned

Examples of exposed materials

The leaked files encompassed SQL Server databases, Excel and Word accounting exports, investment tracking records, internal audit reports, bank statements, payroll documents, subsidiary management files, governance records, and IT compliance materials.

Compromised data categories

The breach included SQL Server databases, internal contracts and organizational charts, financial statements and audits, banking data in multiple formats, accounting spreadsheets, tenant lists, and confidential enterprise resource planning documents.

Additional sensitive information

The disclosure also revealed files related to Bin Faqeeh Real Estate Investment Company, account statements, lease agreements, customer credentials, and financial documents such as bank account files and tenant records.

Broader implications

This incident is part of an escalating pattern where ransomware operators are increasingly targeting regional business conglomerates and essential infrastructure throughout Latin America and the Caribbean, particularly in Haiti.

Source: Adama Assiongbon, ThreatIntel Specialist.