Cyber Incident Victim: Partit Nazzjonalista

On or around April 8, 2021, the Avaddon ransomware group infiltrated the IT infrastructure of Partit Nazzjonalista (Nationalist Party of Malta). The attackers exfiltrated sensitive data, including financial records, employee personal documents, and private client information. After the party failed to pay the demanded ransom, Avaddon initiated a partial data leak on their dark web platform. The group publicly claimed responsibility for the breach and detailed the types of compromised data to pressure the victim into payment. This marked a typical double-extortion tactic, where attackers threaten both operational disruption and reputational damage through data exposure. The initial leak occurred overnight following the expiration of the ransom deadline, though the exact timeframe between the initial breach and the leak was not specified in available reports.

The incident exposed highly sensitive organizational and personal data, escalating concerns about privacy violations and potential misuse. Partit Nazzjonalista’s leadership, including its party head, publicly affirmed a policy of non-negotiation with threat actors, ruling out any ransom payment to halt further leaks. This stance was formally communicated to Times of Malta by April 25, 2021, emphasizing a commitment to resisting cybercriminal demands despite the risks of additional data exposure. The published data samples served as proof of the breach’s validity, though the full scope of exfiltrated material and operational disruptions remained undisclosed. No subsequent reports clarified whether Avaddon released additional data or whether the party implemented technical countermeasures beyond its public refusal to engage.