Cyber Incident Victim: Play
Date: Dec 2022
Location: Venezuela
Summary
The threat actor Play claimed attacks against multiple organizations, including Cervecería Regional and ARSAT, subsequently leaking partial data from both entities. In the case of ARSAT, Play threatened to release additional data unless a response was received, while data purportedly belonging to the brewery was fully dumped. Neither victim organization publicly acknowledged the incidents or responded to inquiries about the alleged breaches at the time of reporting.
Description
On December 18, 2022, the threat actor group "Play" listed Cervecería Regional, a Venezuelan brewery, on their data leak site. The group publicly claimed responsibility for compromising the company's systems. Eight days later, on December 26, Play followed through by releasing data allegedly exfiltrated from the brewery. At the time of reporting, Cervecería Regional had not published any acknowledgment of the incident on its official website or social media channels. DataBreaches.net attempted to contact the company via email but received no response regarding the validity of the breach claims. The nature and sensitivity of the leaked data were not detailed in available reports, though Play's actions followed the ransomware group pattern of initial claims followed by staged data releases.

In a related incident, Play claimed responsibility for an earlier attack against Argentina de Soluciones Satelitales (ARSAT), which was first reported on December 2 without attribution to any threat actor. Play publicly asserted involvement on December 16, 2022. One week later, on December 23, the group leaked approximately 5 GB of compressed data described as containing "personal, private data, etc." The release was characterized as partial and was accompanied by a threat to publish the full data dump if no reaction occurred. ARSAT's response to the breach claim and subsequent data leak remained undocumented in public channels at the time of reporting. Both incidents followed Play's established pattern of data exfiltration, extortion attempts through leak site postings, and incremental data releases to pressure victims.
