Ransomware Group: NIGHTSPIRE

VICTIM NAME: M-POWER Information, Taiwan

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NIGHTSPIRE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to a Taiwanese technology company named M-POWER Information, which appears to have been targeted in an attack that was publicly disclosed on April 22, 2025. The incident involves a data breach where approximately 300 GB of sensitive data was compromised. The attack date is identified as April 18, 2025, indicating when the incident took place. The leak page reveals that a group called “nightspire” claimed responsibility for the breach. Although specific details about the nature of the stolen data are not provided, such large-scale data exfiltration suggests an impactful incident for the organization. The page includes screenshots of internal documents and indicates that the compromised information is significant enough to warrant public attention. No downloadable files or links are directly available from the leak, but the information underscores a serious cybersecurity incident affecting the company’s operations in Taiwan, within the technology sector. The breach emphasizes the importance of robust security measures in the region to prevent similar attacks in the future.

This public disclosure highlights the ongoing risks faced by technology companies in Taiwan and demonstrates the emerging threat landscape facing organizations worldwide. The attack date and the substantial data size indicate a well-planned operation by the cyber threat group “nightspire.” The incident’s specifics remain limited, but the leak’s existence alone suggests potential exposure of internal information that could impact the company’s reputation and operational security. Despite the absence of personal or sensitive PII in the public report, the event serves as a reminder of the critical need for constant security vigilance to mitigate the risks posed by organized cybercriminal groups targeting the technology industry in the region and beyond.