Ransomware Group: WORLDLEAKS

VICTIM NAME: ONGC Petro Additions Limited

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to ONGC Petro Additions Limited (OPaL), a major petrochemical company based in India. The attack was detected on June 28, 2025, and the breach was publicly disclosed the following day. OPaL is a prominent player in the energy sector, operating a large integrated petrochemical complex in Gujarat, which produces a variety of products such as HDPE, LLDPE, and polypropylene. The leak suggests that sensitive corporate information was compromised, including data related to the company’s operations and employees. The leak also indicates the involvement of multiple threat actors and infostealers that targeted the company’s network.

The leak page features information about the breach, including the presence of stolen data associated with the company’s employees and operational details. It references the use of various infostealer malware such as Raccoon, RedLine, Azorult, and others, which were used to exfiltrate data. The incident is linked to a ransomware group that has potentially published or intends to publish confidential information. It is also noted that four third-party entities may have been involved or affected. Although no downloadable data or explicit screenshots are available on the page, the content suggests a significant compromise of internal information, possibly impacting corporate security and operations.