DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

AMI Group – Travel & Tours notice of ransomware attack

Posted on June 9, 2025 by Dissent

The following notice was posted June 3 on Facebook.ย  As of publication, there is no notice on their website, and although AMI indicates that APT73 is responsible for the attack, there is nothing on Bashe’s leak site or any other leak site.ย 

๐Ÿšจ ๐—จ๐—ฅ๐—š๐—˜๐—ก๐—ง ๐—ฃ๐—จ๐—•๐—Ÿ๐—œ๐—– ๐—ก๐—ข๐—ง๐—œ๐—–๐—˜ โ€“ ๐—–๐—ฌ๐—•๐—˜๐—ฅ๐—ฆ๐—˜๐—–๐—จ๐—ฅ๐—œ๐—ง๐—ฌ ๐—”๐—Ÿ๐—˜๐—ฅ๐—ง ๐Ÿšจ
๐—ง๐—ผ ๐—ผ๐˜‚๐—ฟ ๐˜ƒ๐—ฎ๐—น๐˜‚๐—ฒ๐—ฑ ๐—ฐ๐—น๐—ถ๐—ฒ๐—ป๐˜๐˜€, ๐—ฝ๐—ฎ๐—ฟ๐˜๐—ป๐—ฒ๐—ฟ๐˜€, ๐˜€๐˜๐—ฎ๐—ธ๐—ฒ๐—ต๐—ผ๐—น๐—ฑ๐—ฒ๐—ฟ๐˜€, ๐—ฎ๐—ป๐—ฑ ๐˜๐—ต๐—ฒ ๐—ถ๐—ป๐˜๐—ฒ๐—ฟ๐—ป๐—ฎ๐˜๐—ถ๐—ผ๐—ป๐—ฎ๐—น ๐—ฝ๐˜‚๐—ฏ๐—น๐—ถ๐—ฐ:
It is our corporate responsibility to inform you that ๐—”๐— ๐—œ ๐—š๐—ฟ๐—ผ๐˜‚๐—ฝ ๐—ผ๐—ณ ๐—–๐—ผ๐—บ๐—ฝ๐—ฎ๐—ป๐—ถ๐—ฒ๐˜€ has been identified as a target of a sophisticated ๐—ฟ๐—ฎ๐—ป๐˜€๐—ผ๐—บ๐˜„๐—ฎ๐—ฟ๐—ฒ ๐—ฐ๐˜†๐—ฏ๐—ฒ๐—ฟ๐—ฎ๐˜๐˜๐—ฎ๐—ฐ๐—ธ orchestrated by a known international threat group (๐—”๐—ฃ๐—ง๐Ÿณ๐Ÿฏ).
This was not a minor breach. This is a high-level cyber threat and this incident was officially brought to our attention by the ๐—จ๐—ป๐—ถ๐˜๐—ฒ๐—ฑ ๐—ฆ๐˜๐—ฎ๐˜๐—ฒ๐˜€ ๐—™๐—ฒ๐—ฑ๐—ฒ๐—ฟ๐—ฎ๐—น ๐—•๐˜‚๐—ฟ๐—ฒ๐—ฎ๐˜‚ ๐—ผ๐—ณ ๐—œ๐—ป๐˜ƒ๐—ฒ๐˜€๐˜๐—ถ๐—ด๐—ฎ๐˜๐—ถ๐—ผ๐—ป (๐—™๐—•๐—œ), ๐—–๐˜†๐—ฏ๐—ฒ๐—ฟ ๐—ง๐—ฎ๐˜€๐—ธ ๐—™๐—ผ๐—ฟ๐—ฐ๐—ฒ โ€“ ๐—ฃ๐—ต๐—ถ๐—น๐—ฎ๐—ฑ๐—ฒ๐—น๐—ฝ๐—ต๐—ถ๐—ฎ ๐—™๐—ถ๐—ฒ๐—น๐—ฑ ๐—ข๐—ณ๐—ณ๐—ถ๐—ฐ๐—ฒ, who made direct contact with us this morning. The ๐—™๐—•๐—œ has confirmed that our company was listed on a ransomware groupโ€™s threat site, leading them to formally recognize ๐—”๐— ๐—œ ๐—š๐—ฟ๐—ผ๐˜‚๐—ฝ ๐—ผ๐—ณ ๐—–๐—ผ๐—บ๐—ฝ๐—ฎ๐—ป๐—ถ๐—ฒ๐˜€ as a victim of a high-level cyber incident.
๐Ÿ” ๐—œ๐—บ๐—ฝ๐—ผ๐—ฟ๐˜๐—ฎ๐—ป๐˜ ๐—™๐—ฎ๐—ฐ๐˜๐˜€ ๐—ฌ๐—ผ๐˜‚ ๐—ฆ๐—ต๐—ผ๐˜‚๐—น๐—ฑ ๐—ž๐—ป๐—ผ๐˜„:
โœ…No ransom has been demanded or paid as of this notice.
โœ…The incident exclusively affects our upcoming digital platforms, including newly launched websites, systems, and servers, scheduled to go live on ๐—๐˜‚๐—น๐˜† ๐Ÿญ๐˜€๐˜, ๐Ÿฎ๐Ÿฌ๐Ÿฎ๐Ÿฑ.
โœ…Our current and existing platforms, portals, and client systems remain fully operational, unaffected, and secure.
โœ…All AMI Group of Companies servers and data infrastructure are based in the United States, secured under stringent data protection protocols.
โœ…All core business services remain uninterrupted across all divisions and regions.
๐Ÿ’ก ๐—ช๐—ต๐˜† ๐—ช๐—ฎ๐˜€ ๐—”๐— ๐—œ ๐—š๐—ฟ๐—ผ๐˜‚๐—ฝ ๐—ผ๐—ณ ๐—–๐—ผ๐—บ๐—ฝ๐—ฎ๐—ป๐—ถ๐—ฒ๐˜€ ๐—ง๐—ฎ๐—ฟ๐—ด๐—ฒ๐˜๐—ฒ๐—ฑ?
As one of the fastest-growing multinational conglomerates in the worldโ€”operating across Financial Services, Engineering, Travel, Education, Immigration, Property, Staffing, and AIโ€”our global digital presence makes us a prime target for highly coordinated cyber threats.
The FBI’s immediate involvement speaks volumes of the scale, influence, and operational depth of ๐—”๐— ๐—œ ๐—š๐—ฟ๐—ผ๐˜‚๐—ฝ ๐—ผ๐—ณ ๐—–๐—ผ๐—บ๐—ฝ๐—ฎ๐—ป๐—ถ๐—ฒ๐˜€ . In collaboration with our internal ๐—œ๐—ป๐—ณ๐—ผ๐—ฟ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐—ง๐—ฒ๐—ฐ๐—ต๐—ป๐—ผ๐—น๐—ผ๐—ด๐˜† ๐—ฎ๐—ป๐—ฑ ๐—”๐—ฟ๐—ฐ๐—ต๐—ถ๐˜๐—ฒ๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ (๐—œ๐—ง๐—”) ๐——๐—ถ๐˜ƒ๐—ถ๐˜€๐—ถ๐—ผ๐—ป, the FBI has already begun issuing expert directives to strengthen our cyber posture and assist in the investigation.
๐Ÿ“ข ๐—” ๐—–๐—ฟ๐—ถ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐——๐—ถ๐˜€๐˜๐—ถ๐—ป๐—ฐ๐˜๐—ถ๐—ผ๐—ป:
This cybersecurity event does not affect our live operations, and none of our current clients, partners, or platforms have experienced disruption or data loss. The incident targets only the systems scheduled for public rollout in July, which remain isolated from existing infrastructure.
๐Ÿ“ต Due to the severity of the threat and the sensitive nature of the ongoing investigation, we are unable to disclose full technical details at this time. However, rest assured that we are taking every measure in alignment with both federal guidance and internal cyber defense protocols to contain and eliminate the threat.
๐Ÿ’ฌ ๐—” ๐—™๐—ถ๐—ป๐—ฎ๐—น ๐—ช๐—ผ๐—ฟ๐—ฑ ๐˜๐—ผ ๐—ข๐˜‚๐—ฟ ๐—–๐—น๐—ถ๐—ฒ๐—ป๐˜๐˜€ ๐—ฎ๐—ป๐—ฑ ๐˜๐—ต๐—ฒ ๐—ฃ๐˜‚๐—ฏ๐—น๐—ถ๐—ฐ:
Cybersecurity is the backbone of trust in this digital age. Though this was an attempted breach of our upcoming systems, our response is immediate, coordinated, and reinforced with the backing of federal authorities.
We deeply appreciate your trust, and we are committed to keeping you informed as the situation evolves.
โ€” ๐—ง๐—ต๐—ฒ ๐—˜๐˜…๐—ฒ๐—ฐ๐˜‚๐˜๐—ถ๐˜ƒ๐—ฒ ๐— ๐—ฎ๐—ป๐—ฎ๐—ด๐—ฒ๐—บ๐—ฒ๐—ป๐˜
AMI Group of Companies โ€“ Global Headquarters
๐Ÿ“New York, USA | ๐ŸŒ www.amigroups.com
May be a graphic of text that says 'mmi UPDATE hellopeter 5000000 60 Trustindex.... sitejabber TrustSpot 50 Google'

No related posts.

Category: Business SectorMalware

Post navigation

โ† Resource: Insider Threat reports
Trump Rewrites Cybersecurity Policy in Executive Order โ†’

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid โ€˜rightโ€™ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
ยฉ 2009 โ€“ 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.