Home All Victims PLN

PLN

dragonforce

This record tracks a ransomware attack claimed by the dragonforce group against PLN. It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.

Window Zero

EXPOSURE GAP

Window Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.

442days open
t1 · Published t2 · Pending
Mar 31, 2025Not disclosed yet
Country
Indonesia
Business Category
Services
Employees
101-1000
Discovered
2025-08-21
Published
March 31, 2025
Disclosed / Notified
Not disclosed yet
Victim ID
SgoARbvbAcoB

Attack Summary

Core business is the supply of electricity, especially in generation, transmission and distribution. Obtaining the task of electrifying all over the archipelago, PLN has the obligation to increase installed capacity for power supply and the development of electricity infrastructure such as transmission networks, substations, and distribution networks. At all times, we continue to improve ourselves and improve services, considering that electricity is a basic infrastructure need that will create a multiplier effect for the progress of the Indonesian economy. Our business continues to expand into various business sectors through subsidiaries, associated entities, joint ventures, and special purpose vehicles (SPV) under the auspices of the PLN Group. Through the implementation of SOLID (Securing Business Sustainability, Optimizing Cost Efficiency, Leading Industry Capabilities, Increasing Profit Contribution and Developing New Edge) business portfolios, we will continue to develop services to become a World Class Electricity Company.

Leak Screenshots

SAMPLE

Proof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.

file_tree.png
finance_2024.xlsx
passport_scan.jpg
contract_signed.pdf
Sign in or explore HaveIBeenRansom to view the full leak gallery.
View leak gallery →

Dark Web Exposure

Cross-referenced against HaveIBeenRansom's dark-web index of ransomware leaks, breaches & infostealer logs.
0
found in Infostealer logs
0
found in Traditional breaches
0
found in Ransomware leaks
Emails exposed
••••
Internal
•••
External
•••
Distinct leaks
••
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
Full exposure is locked
See every breached email, the internal-vs-external split and each leak source behind this victim.
Sign in to unlock Dig deeper on HaveIBeenRansom →
Want the complete picture — passwords, machines, full leak files? It's all searchable on HaveIBeenRansom.
Search this victim →
Visit Website Original Post View Group: dragonforce

Related entries

Tecfi SpA Ink Cheoy Lee Shipyards Al Ishrak Contracting Corniche Hotel Abu Dhabi A. Liberty Engineering Co. Ltd
Legal Disclaimer: This ransomware victim record reflects information published on the operator's leak site. Breach.house does not acquire, download, host, access or redistribute unlawfully obtained data. It indexes only publicly visible information posted by ransomware, breach and infostealer operators and open web sources, without accessing the underlying stolen content. The service supports public awareness, legitimate research and cyber-resilience.