The ransomware claim involves the infiltration of Sarulla Operationβs systems by the threat actor incransom, compromising sensitive data including financial operations, budgets, user information, and confidential documents such as passports, payment instructions, contracts, and more. The impacted country is Indonesia #Indonesia.
Incident Details
- Victim: Sarulla Operation
- Country: ID
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/69029cdfe1a4e4b3ff9b5cec
- Discovered: 2025-11-11 00:27:51.470545
- Published: 2025-11-11 00:00:00.000000
Information
- Ransomware attack targeted Sarulla Operation in Indonesia.
- Incransom was the identified threat actor behind the attack.
- Compromised information included administration data.
- Financial operations, budgets, and account balances were affected.
- User information and confidential data were stolen.
- Over 1,000 passports were compromised.
- Payment instructions and other accounting documents were accessed.
- Contract discussions and final contracts were also impacted.
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.