Ransomware victim disclosure
← All victimsRailway Assets Corporation (RAC)
listed as rac.gov.my · Claimed by Babuk2 · listed 1 year ago
Status timeline
- ListedMar 19, 2025
- Data leakeddate unknown
At a glance
- Group
- Babuk2
- Status
- Data leaked
- Country
- Malaysia
- Sector
- Public Sector
- Listed on leak site
- Mar 19, 2025
About the victim
AI dossier — public-source company profileThe Railway Assets Corporation (RAC) is a federal statutory body under Malaysia's Ministry of Transport, established in 1992 under the Railways Act 1991. RAC manages railway properties, land, and infrastructure across Malaysia's national rail system, providing licensing, leasing, and development services for railway-linked commercial activities and utilities.
- Industry
- Public Sector - Railway Infrastructure & Asset Management
- Founded
- 1992
Attack summary
Severity: medium — Government critical infrastructure (railway asset management) compromised by confirmed disclosure and listing on a ransomware leak site. However, the leak post contains minimal detail about actual data exfiltration or operational impact, preventing a 'critical' classification without further evidence.The ransomware group babuk2 claims to have compromised rac.gov.my. No specific details about encrypted systems, exfiltrated data, or ransom demands are provided in the leak post.
What the group claims
rac.gov.my
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

