A recent ransomware attack has emerged, targeting Workforce Group, one of Africa’s leading HR and business service firms. The screenshots, allegedly from a dark web leak site, show that the attackers have posted sensitive information about the company and are demanding an undisclosed ransom for the data’s deletion.
The timer prominently displayed—7 days, 20 hours, 37 minutes, 47 seconds—indicates a countdown to when the data will be released or potentially sold to third parties if the ransom is not paid. The payment details remain obfuscated, listed as “€???”, implying the ransom amount is negotiable or to be determined based on the company’s response.
The attackers claim to possess at least one disclosure related to Workforce Group, hinting at the potential exposure of proprietary or confidential information. The leak site also provides an option for negotiation through a dedicated session messenger, inviting both company representatives and interested third parties to engage.
What’s particularly concerning is that the screenshots display blurred images of what appear to be sensitive documents. While the exact nature of these documents is not clear, it suggests that at least some internal or sensitive files have been exfiltrated and could be at risk of public exposure.