When Montenegro claimed Russian hackers attacked them, most of us probably didn’t think about the Cuba ransomware team, but the Cuba group claimed credit for the attack.
According to their listing, they received the files on August 19. Their wording may sound puzzling in saying that they “received” the files, but that’s consistent with other listings on their site; they seem to use “received” for “exfiltrated.”