DoppelPaymer Ransomware Operators Breached Roger Martin Group, a Leading Global Construction Company

As usual DoppelPaymer ransomware operators add another data breach to their name. In this instance, they breached Roger Martin SA Group, which is a really strong and powerful construction company around the globe.

Roger Martin SA was founded in the year 1895 by Eugène Martin. The engineers, site managers, machine operators, technicians, safety managers at the head, or at the heart of reactive, attentive, precise, mobile teams are the real strength of the Roger Martin Group. Their men and women share the same values ​​from the start of the Group, over 124 years ago. Since the year 2015, Roger Martin continues to push the boundaries of its activity, in particular with the acquisition of the company’s MERLOT TP (earthworks – 58) and AXIROUTE (roads – 18) with industrial tools with 3 coating stations which complement the existing sites. Lastly, the SMB (building – 93) and SMC (railway civil engineering – 92) companies, which are deeply rooted in the Ile-de-France market and major players in the SNCF markets, joined the group in 2017. They bring together 120 employees and open new perspectives. They currently represent 1600 employees for a turnover of 300 million euros.

The DopplePaymer ransomware operators leaked their files as shown below-:

The Cyble Research Team has identified and verified this data. The data leak includes multiple sensitive and operational works documents of the company such as monthly summary statements, construction site plans, detailed different project plan documents, and many more. Below are the snapshots of a few of the sensitive leaked files from the large lot.

Company’s July 2016 Monthly Summary Statement

Snapshot of Construction Plan Document of Refrigerated Warehouse

Road Location Plan of the Construction Site

Looking at the rapidly increasing number of cyberattacks, Cyble has come up with the vision to assist the organizations in protecting themselves from cyberattacks. To accomplish its vision, Cyble not only holds the largest data breach monitoring search engine that holds over 40 billion darkweb records but also provides the services which include enabling faster detection of cyber threats via Cyble Vision and providing clear visibility to third-party cyber threats and risks via their Third-Party Cyber Risk Intelligence Platform.

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.