Crypto24 has exfiltrated over 500GB of highly sensitive and business-critical data from Palmgold Management Sdn Bhdβs internal network, including full operational databases, PII, financial, HR, IT documents, and sensitive operational logic from both its Casino and Credit Divisions. The breach impacts Malaysia.
Incident Details
- Victim: Palmgold Management Sdn Bhd
- Country: MY
- Actor: crypto24
- Source:
- Discovered: 2025-08-18 15:47:10.923377
- Published: 2025-08-18 15:47:09.996465
Information
- Exfiltrated over 500GB of sensitive and business-critical data from Palmgold Management Sdn Bhdβs internal network.
- Data includes information from both the Casino Division and the Credit Division.
- Casino Division data encompasses full operational database of over 60,000 members, including PII, jackpot and play history, betting patterns, and machine configurations.
- Power BI dashboards used for internal analytics and confidential finance, HR, and IT documents were compromised.
- Distributed scanner share contents from all branches (kmscan, toshibascan, fujiscan).
- Operational logic such as promotion formulas, game-specific revenue models, slot machine volatility settings, player-tier betting analytics, risk thresholds, fraud alert triggers, and blacklist criteria were exfiltrated.
- Credit Division data (pgcredit.com.my) contains all customer KYC information along with detailed banking and cash transaction records.
Disclaimer: This post is based on public claims made by the ransomware group "crypto24". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.