Ransomware victim disclosure
← All victimsOffice of Public Sector Anti-Corruption Commission
Claimed by Direwolf · listed 7 months ago
Status timeline
- ListedDec 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Direwolf
- Status
- Data leaked
- Country
- Thailand
- Sector
- Public Sector
- Listed on leak site
- Dec 22, 2025
About the victim
AI dossier — public-source company profileThe Office of Public Sector Anti-Corruption Commission (PACC), known in Thai as สำนักงานคณะกรรมการป้องกันและปราบปรามการทุจริตในภาครัฐ (ป.ป.ท.), is a Thai government agency responsible for preventing and suppressing corruption within the public sector. It operates under the Thai government and maintains an official web presence at pacc.go.th. As a law-enforcement and oversight body, it handles sensitive government, investigative, and personnel records.
- Industry
- Government Anti-Corruption Oversight
Attack summary
Severity: critical — The victim is a government anti-corruption oversight body whose data likely includes sensitive investigative case files, informant or witness details, personnel records, and law-enforcement intelligence. Data has been published (not merely threatened), making exposure of regulated and highly sensitive government data confirmed, warranting a critical rating.The direwolf ransomware group claims to have compromised the Office of Public Sector Anti-Corruption Commission of Thailand and has published data (disclosed status: data_published), though no specific data size or ransom demand was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Government agency records
- Anti-corruption investigation files
- Personnel and employee data
- Internal administrative documents
What the group claims
Government
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

