Ransomware victim disclosure
← All victimsWarisan TC Holdings Berhad
Claimed by Crypto24 · listed 1 year ago
Status timeline
- ListedJul 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Crypto24
- Status
- Data leaked
- Country
- Malaysia
- Sector
- Transportation/Logistics
- Listed on leak site
- Jul 16, 2025
- Data size
- 300 GB
About the victim
AI dossier — public-source company profileWarisan TC Holdings Berhad is a Malaysian investment holding company operating across multiple sectors: Travel & Car Rental (Mayflower brand with regional presence across Asia-Pacific), Industrial Machinery & Equipment distribution, Automotive sales, and Consumer Products. The company maintains offices in Malaysia, Cambodia, Thailand, Taiwan, Guangzhou and China with expansion planned to New Zealand and USA.
- Industry
- Investment Holding & Diversified Services (Travel & Car Rental, Industrial Machinery, Automotive, Consumer Products)
- Address
- Malaysia (based on public site; specific address not stated)
- Founded
- 1997
Attack summary
Severity: critical — Confirmed exfiltration of 300 GB containing customer PII at scale, financial records, employee data, and business-critical systems (CRM, invoicing). Customer databases and financial data of a multi-sector holding company affecting travel, machinery, and automotive operations across multiple countries represents regulated/sensitive data exposure at enterprise scale.The crypto24 group claims to have exfiltrated over 300 GB of sensitive data from Warisan TC Holdings, including customer databases (TOURPLAN, CRM, E-INVOICE systems), legal and HR documents, financial records, employee data, and contractual documents with partners and customers.
Data the group says was taken
AI dossier — extracted from the leak post- Customer databases (TOURPLAN, CRM, E-INVOICE)
- Legal documents
- HR documents
- Financial records
- Employee records
- Partner and customer contracts
What the group claims
We have exfiltrated over 300GB of sensitive data, including Customer databases (all dbs of wtc - TOURPLAN, CRM, E-INVOICE,...),Legal and HR documents, Financial and employee records, Contractual documents with partners and customers.
Sources
- Victim sitewarisantc.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

