Ransomware victim disclosure
← All victimsAgencija za elektronski komunikacii (Agency for Electronic Communications)
listed as aek.mk · Claimed by Werewolves · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Werewolves
- Status
- Data leaked
- Country
- North Macedonia
- Sector
- Government
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileAEK is North Macedonia's national regulatory authority for electronic communications. It oversees the telecommunications market, manages spectrum allocation, licenses operators, regulates pricing, ensures network security and integrity, and serves the interests of users, businesses, and the communications industry.
- Industry
- Government - Telecommunications Regulator
- Address
- Skopje, North Macedonia
Attack summary
Severity: high — Confirmed data publication from a critical government telecommunications regulator. Exposure of regulatory, licensing, and market intelligence data affecting national communications infrastructure constitutes significant impact, even without confirmed exfiltration details.The werewolves group claims to have compromised AEK and published data. No specific operational details of the attack method (encryption, exfiltration, or both) are stated in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- government regulatory documents
- telecommunications licensing records
- market analysis data
- spectrum allocation records
- pricing regulation files
- internal organizational documents
What the group claims
We create favourable conditions for the effective and sustainable competition on the electronic communications market to serve the interests of the users, business society and communications industry, through effective, transparent, proportionate and proactive application of the regulatory tools.
Sources
- Victim siteaek.mk
- Leak posthttps://werewolves.pro/en/bigcenters.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

