From d477275a535991e8ee95c11892cd0c9e2e1489b2 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Mon, 20 Nov 2023 09:29:05 -0800
Subject: [PATCH] [threat-actors] Add N4ughtysecTU

---
 clusters/threat-actor.json | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 2049a12..bf4aa6e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13264,6 +13264,19 @@
       },
       "uuid": "ee306b4d-1b2b-4872-a8f1-d07e7fbab2f0",
       "value": "Webworm"
+    },
+    {
+      "description": "In March 2022, a hacking group calling themselves N4ughtySecTU claimed to have breached TransUnion’s systems and threatened to leak four terabytes of data if the credit bureau didn’t pay a $15-million (R242-million) ransom.",
+      "meta": {
+        "country": "BR",
+        "refs": [
+          "https://mybroadband.co.za/news/security/438982-how-bank-customers-can-protect-themselves-after-hackers-leak-transunion-data.html",
+          "https://cisoseries.com/cyber-security-headlines-march-21-2022/",
+          "https://mybroadband.co.za/news/security/443090-cybercriminals-love-south-africa-study.html"
+        ]
+      },
+      "uuid": "43236d8e-27ee-40f1-ad15-a2ad23738a76",
+      "value": "N4ughtysecTU"
     }
   ],
   "version": 294