Incident Details
- Victim: cgcsa.co.za
- Sector: Business Services
- Country: ZA
- Actor: stormous
- Source:
- Discovered: 2026-05-03T01:59:29.995753+00:00
- Published: 2026-05-03T00:00:00+00:00
Information
- stormous and endor
- Corporate data: names, emails, phone numbers, PMS names
- Financial accounting records
- Sales order reports
- Database systems: SQL Server and Sage 200 Evolution SQL
- Operational security data
- Full Sage 200 Evolution backups, including all transaction history, tax records, and payroll
- CRM and legal archives: over 151,000 sensitive documents, contracts, and internal communications
- Full access to GS1 South Africa SharePoint, including GDSN protocols and partnership data with Unilever, Nestle, and LβOreal
- Complete PII of administrative staff and executive members, including private emails and mobile numbers
Disclaimer: This post is based on public claims made by the ransomware group "stormous". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.