Threat actor stormous claimed it breached mlit.com.my in Malaysia (MY), gaining full unauthorized access to internal servers and network infrastructure, including the company’s Microsoft Dynamics Management Reporter environment and local storage volumes. The actor alleged the theft and leakage of sensitive operational and financial data—such as complete Campaign Profit and Loss (PnL) statements, revenue sheets, clawbacks, general ledger accounts for linked entities, and extracted directory trees from network shares and remote desktop sessions—impacting #Malaysia
Incident Details
- Victim: mlit.com.my
- Sector: Public Sector
- Country: MY
- Actor: stormous
- Source:
- Discovered: 2026-06-12T20:58:54.047459+00:00
- Published: 2026-06-12T00:00:00+00:00
Information
- Successfully breached the internal servers and network infrastructure, gaining unauthorized access to the Microsoft Dynamics Management Reporter environment and local storage volumes.
- Leaked highly sensitive internal operations and financial records.
- Exposed complete individual Campaign Profit and Loss statements, detailed revenue sheets, clawbacks, and general ledger accounts for several linked entities.
- Extracted complete directory trees and file structures from internal network shares and remote desktop sessions.
- Revealed thousands of corporate folders, including JAG Group, SWGP Excel Import, and various financial databases.
Disclaimer: This post is based on public claims made by the ransomware group "stormous". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.