Phonesack Group, a major mining and energy conglomerate based in Laos, has allegedly been compromised, resulting in the unauthorized exposure of sensitive documentation related to a critical infrastructure project. The breach involves the “Xekong 1800 MW” thermal power plant initiative, a massive energy project designed to export power to Cambodia. The leak was publicized by a threat actor who claims to be selling the stolen files, which reportedly originate directly from the company’s internal servers. The leaked cache allegedly spans multiple years of project development, from 2020 to 2021.
According to the actor, the compromised data consists of approximately 4 GB of files (81 documents) and includes confidential contracts and technical schematics. The allegedly compromised data includes:
-
Progress reports for phases 4–9 (2020–2021) and official correspondence with Electricite Du Cambodge (EDC)
-
The full Engineering, Procurement, and Construction (EPC) contract with DECI (Chinese contractor), comprising terms, scope, and responsibility matrices
-
Detailed technical specifications for the power plant (FTS) and transmission lines, including route maps and drawings
-
Technical bids, clarifications, and deviations related to the construction
-
A Memorandum of Understanding (MOU) with UREC dated December 2020
Daily Dark WebRead More
R1
T1
