SOCAR-STP
ddosecretThis record tracks a ransomware attack claimed by the ddosecret group against SOCAR-STP. It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.
Window Zero
EXPOSURE GAPWindow Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.
Attack Summary
SOCAR-STP LLC is a joint venture established on February 19, 2020, between Azerbaijan's State Oil Company (SOCAR) and Sumgayit Technologies Park (STP), which is part of the Azerbaijani Azenco company engaged in energy sector construction. The company operates in the Oil and Gas industry with its headquarters in Baku, Azerbaijan, specifically in the H.Z. Tagiyev settlement of Sumgait. It provides specialized capabilities for the energy, construction, oil and gas, automobile, heavy duty machines, aviation, and shipyard sectors. SOCAR-STP was listed as a ransomware victim associated with the threat actor ddosecret.
Leak Screenshots
SAMPLEProof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.