Cyber Incident Victim: Alfanar

On July 10, 2020, cybersecurity firm Cyble identified a data leak allegedly perpetrated by NetWalker ransomware operators targeting Alfanar, a multinational manufacturer and supplier of electrical construction products founded in 1976. The attackers published samples of stolen data on their dark web blog, including detailed contracts, audit reports, and insurance documents. Alfanar, which operates across the Middle East, Asia, Africa, and Europe, provides engineering services for conventional and renewable power plants alongside its core manufacturing operations. NetWalker operators issued a seven-day ultimatum for Alfanar to negotiate, threatening full public release of sensitive data if no agreement was reached. The leaked samples suggested comprehensive access to corporate documents, though the exact intrusion vector and encryption impact remained unconfirmed in available reports.

The incident exposed Alfanar to significant operational and reputational risks given the sensitive nature of leaked contractual and financial documentation. While the company's direct response remained undocumented, the breach demonstrated NetWalker's continued targeting of critical infrastructure sectors during its 2020 operations. Cyble's discovery provided third-party verification of the compromise, though Alfanar's internal detection timeline and containment measures were not disclosed. Potential consequences included disruption to international engineering projects, supply chain complications, and regulatory scrutiny across multiple jurisdictions where Alfanar maintains operations. The attackers' publication strategy amplified pressure through reputational damage, leveraging stolen data as collateral for extortion demands.