Cyber Incident Victim: OrangeTee
Date: Aug 2021
Location: Singapore
Summary
A Singapore-based real estate holding company experienced a data security breach after receiving a third-party email claiming unauthorized access to its IT network. The incident was reported to authorities, with the ALTDOS threat actor group subsequently claiming responsibility. While initial claims lacked supporting evidence, the group later provided a statement and proof of compromise to an independent cybersecurity outlet, although discrepancies arose regarding their initial communication. The breach impacted the parent organization of OrangeTee & Tie and OrangeTee Advisory, but specific data exfiltrated or operational consequences remain undisclosed.
Description
On August 6, 2021, Singapore-based real estate group OT Group, the holding company for OrangeTee & Tie and OrangeTee Advisory, publicly disclosed a data security breach. The company reported receiving an email from an unidentified third party claiming unauthorized access to its IT network. OT Group did not specify the exact date of the initial intrusion or the method of compromise but confirmed the incident to relevant authorities following the third-party communication. No immediate details were provided regarding the scope of accessed data, affected systems, or operational disruptions. The disclosure emphasized the company’s awareness of the incident and its engagement with authorities, though technical specifics about detection methods or containment actions remained undisclosed.

Subsequent developments revealed claims of responsibility by the ALTDOS threat actor group, though OT Group did not publicly attribute the breach. DataBreaches.net initially noted ALTDOS’s unverified claim in a comment on August 6, citing a lack of proof. On August 12, the same publication received a statement and purported proof of claim from an ALTDOS-associated account, which also contradicted an earlier comment attributed to the group. DataBreaches.net acknowledged the submission’s appearance of legitimacy but had not completed analysis of the evidence at the time of reporting. OT Group did not issue further public updates confirming or refuting ALTDOS’s involvement, leaving the attacker’s identity and motives unverified through official channels. The breach’s confirmed impacts—including data types exfiltrated, number of affected individuals, or financial consequences—were not detailed in available sources.
