Ransomware victim disclosure
← All victimsMinistry of Land, Infrastructure and Transport (Malaysia)
listed as mlit.com.my UPDATE-FULL DATA DUMP NEW LINK 10GB · Claimed by Stormous · listed 9 days ago
Status timeline
- ListedJun 24, 2026
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- Malaysia
- Sector
- Public Sector
- Listed on leak site
- Jun 24, 2026
About the victim
AI dossier — public-source company profilemlit.com.my is the official domain associated with Malaysia's Ministry of Land, Infrastructure and Transport (MLIT), a public sector agency responsible for land administration, infrastructure development, and transport policy.
- Industry
- Government Administration
Attack summary
Severity: critical — Confirmed exfiltration of a Malaysian government agency's financial and operational records, including sensitive internal accounting data. Government sector data exposure at scale meets critical threshold; operational/national security implications likely.Stormous claims to have exfiltrated highly sensitive internal operations and financial records, including PnL statements, revenue sheets, general ledger accounts, and internal network directory structures. The group has published a 10GB data dump.
Data the group says was taken
AI dossier — extracted from the leak post- Profit and Loss statements
- Revenue sheets
- Clawback records
- General ledger accounts
- Internal network directory trees
- Remote desktop session files
- Corporate financial databases
What the group claims
FULL DATA DUMP . The compromised data includes highly sensitive internal operations and financial records. Among the leaked files are complete individual Campaign Profit and Loss (PnL) statements, detailed revenue sheets, clawbacks, and general ledger accounts for several linked entities, including Salesworks Pte Ltd Taiwan Branch and Shaves2u HK Limited. Additionally, we have extracted complete directory trees and file structures from the internal network shares and remote desktop sessions, revealing thousands of corporate folders such as JAG Group, SWGP Excel Import, and various financial databases.
Source
Indexed 9 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

