STORMOUS Ransomware Group Publishes 33GB Data Dump from AMS Group UK

The STORMOUS ransomware operation has published a full data dump totaling 33GB allegedly stolen from AMS Group, a UK-based organization. The leak was announced on dark web channels and has been flagged by threat intelligence monitors, marking a significant exposure of corporate data. The published archive is now circulating on Tor-based platforms, potentially exposing sensitive internal documents, client records, or operational files belonging to the victim organization.

AMS Group, operating under the domain ams-group[.]co[.]uk, becomes the latest confirmed victim in STORMOUS's ongoing campaign. The ransomware group, known for targeting Western enterprises, has previously claimed high-profile breaches across multiple sectors. The 33GB dump suggests the attackers gained substantial access to the organization's systems before exfiltrating and publishing the material. The full scope of compromised data—including whether personal identifiable information, financial records, or proprietary assets are included—has not yet been independently verified, but the volume indicates a serious intrusion with potential regulatory and reputational consequences for the affected entity.

The incident underscores the persistent threat posed by ransomware groups operating with impunity from jurisdictions beyond easy reach of Western law enforcement. Organizations with exposure to AMS Group data may face secondary risks as the leaked material circulates. Security researchers and threat intelligence teams are actively analyzing the dump's contents to assess the breadth of the breach. The UK's data protection authorities could become involved if personal data is confirmed among the exposed files, potentially triggering notification obligations under GDPR. This development adds to the growing list of STORMOUS victims and highlights the group's continued operational capacity despite increased scrutiny from cybersecurity firms and international agencies.