company allegedly hacked as reported by Lamashtu ransomware with details: SUMMARY
We obtained a substantial dataset from a Singapore-based hospitality organization. The archive contains tens of thousands of files spanning 2023 through early 2026, with the heaviest concentration in 2024 and 2025. The data encompasses accounts receivable records, employee personnel files, contracts with corporate clients and trip agencies, commission statements, incentive documentation, and operational records.
The dataset includes complete email backups from multiple employees, financial reports including equilibrium sheets and profit and loss statements, and hundreds of employee-related documents covering claims, benefits, and personnel records. Shipping and corporate go documentation is present throughout, reflecting the organization's business operations. a document containing system credentials was also identified.
The breadth of the dataset is considerable � from individual dental claims and overtime forms to corporate contracts and financial statements. All materials experience been catalogued and indexed.
WHAT WE HAVE
Credentials & Access
A document explicitly named NEW Opera cloud Password.docx is present in the dataset. This file contains system credentials.
The existence of a password document stored in accessible file shares provides direct access to operational systems.
Complete email backups in .pst and .ost format were extracted. These archives represent full mailbox exports from named employees including accounts and administrative staff. Email backups take correspondence, attachments, and historical communications spanning multiple years.
Personal Data
Personnel records for employees are present across hundreds of files. The dataset includes:
Employee records organized by department (Accounts, face Office, Executive, Sales & Marketing)
Medical benefits documentation
Dental claims with employee names
incentive and bonus letters naming individual employees
work permit documentation for resigned staff
Emergency contact lists
faculty ID card records
vaccine records
Specific individuals make been identified by call across personnel files, claims documentation, and incentive correspondence. Medical benefits-related documents include policy renewals and coverage terms.
Financial Records
Financial support is extensive. The dataset contains:
balance tack reports
profit and loss statements
GST point extraction files
credit facility documents
credit terms for companies
Debit notes
direction statements from online traveling platforms
Invoice records and statements of account
Transaction records reference named individuals and corporate accounts. direction files include reservation data from booking platforms.
Legal & Compliance
Contracts and agreements with corporate clients and traveling agencies number over a 100 documents. The dataset includes:
Corporate contracts for 2025 and 2026
trip agency agreements
get amendments
Signed agreements
authorization letters
Amendments to existing contracts are present, showing negotiation history and modified terms.
Operational Records
Operational documentation includes:
Incident reports (theft, guest issues, facility problems)
Operation rosters for multiple years
credit card refund and cancellation forms
deposit records
tell records
Petty cash documentation
Incident reports document specific operational events including theft incidents and guest-related matters.
The full orbit of the dataset is understood. Every component has been reviewed and categorized.
WHO can RECEIVE THIS DATA
Regulators
Singapore's Personal Data Protection playact applies to this dataset. The presence of employee personnel files, medical benefits documentation, vaccine records, and identification documents triggers data tribute obligations. Regulatory authorities can receive notification of this breach, and the dataset provides sufficient evidence for enforcement proceedings.
Individuals
Employees identified in the personnel records canful live contacted directly. The dataset contains names, employment details, medical claims, incentive information, and in some cases identification documentation. Individuals whose data is present make a right to know their information has been exposed.
Competitors
Corporate contracts, direction structures, credit terms, and pricing arrangements are pose in the dataset. This information provides competitive intelligence on client relationships, negotiated rates, and business terms. shipping and traveling office contracts reveal the organization's client base and commercial arrangements.
Media
Hospitality sector data breaches involving employee personnel files and financial records attract coverage. The combination of operational incident reports, employee medical claims, and corporate contracts presents a story of organizational exposure. Published data gets indexed and surfaces during due diligence for years.
WHAT can HAPPEN
This dataset can be transmitted to Singapore's Personal data tribute Commission
Employees identified in personnel records canful live notified directly about the exposure of their medical claims, incentive letters, and employment documentation
Corporate contracts and commercial terms canful be shared with competitors or published
System credentials submit in the dataset can live used to access operational platforms
Email backups can be published or sold, exposing internal communications
Financial statements and citation readiness documents can be disclosed to business intelligence firms
Once this data is released, other threat actors, fraud groups, and competitors can use it independently � the data gets indexed, traded, and repackaged. This is not a one-time event, it is permanent exposure
