A newly emerged ransomware group, Yurei, has allegedly claimed responsibility for a cyberattack targeting The Promise Nigeria Limited, one of the country’s leading fast-food and catering brands. The group, which first appeared on September 5, 2025, has quickly drawn attention in the threat intelligence community and currently lists three victims on its leak site, with The Promise Nigeria Ltd among them.
Who is Yurei?
Yurei is a recently discovered ransomware group that surfaced earlier this month. Unlike more established threat actors, Yurei appears to be positioning itself as a serious new entrant in the RaaS (Ransomware-as-a-Service) market, having already launched attacks against organizations across various sectors. The group’s leak site indicates its willingness to publish sensitive corporate and personal information if ransom demands are not met.
The Promise Nigeria Ltd, established in 2000 and listed on the NSE in 2003, is a household name in Nigeria’s hospitality sector. The company provides catering services to major oil and gas corporations, banks, government agencies, and large-scale corporate events.
According to Yurei’s leak site:
- The breach allegedly exposed financial data, supplier contracts, and procurement records.
- Confidential information tied to employees and customers was compromised, including personal identifiers, salaries, and contract terms.
- Business-sensitive records such as pricing structures and distributor agreements were also accessed.
The leak site currently displays internal company files, including menus, operational records, and contracts, as proof of compromise. At the time of writing, access to the full data set is set to be released if ransom negotiations fail.
This attack goes beyond corporate damage; it threatens the food supply chain in Nigeria. The Promise Nigeria Ltd is a key service provider to industries where operational downtime has wide-reaching consequences. Any disruption in its operations could affect:
- Food availability and pricing in corporate catering and retail services.
- Trust among major corporate partners who depend on reliable catering solutions.
- Consumer confidence in one of Nigeria’s most prominent hospitality brands.
With ransomware increasingly targeting critical industries, this incident highlights the vulnerability of sectors not traditionally considered high-value cyber targets, such as hospitality and catering.
Disclaimer: This report is based on alleged threat actor claims. CyHawk Africa does not verify or confirm the authenticity of such claims and bears no intent to defame. Content is for awareness and defensive purposes only.