Broadcast Blackout: Ransomware Gang Alp-001 Strikes NEP Group and Inatech in Double Data Heist
Two industry giants - one in media, one in energy tech - are exposed as Alp-001 dumps gigabytes of sensitive data and threatens further leaks.
When the cybercriminal group Alp-001 announced its latest conquests, the reverberations were felt across both the broadcast and energy sectors. In a brazen double hit, the infamous ransomware gang claimed responsibility for attacks on NEP Group - a $2.1 billion powerhouse in global media production - and Inatech, a UK-based energy software provider. The attacks, disclosed on April 8, 2026, are the latest in a wave of sophisticated digital extortion campaigns targeting high-value corporate data, with 70GB and 51GB exfiltrated respectively. With deadlines set and sample files leaked as proof, the clock is ticking for the victims - and the wider industry is on high alert.
Fast Facts
- Victims: NEP Group (media/broadcast, USA) and Inatech (energy software, UK)
- Data Stolen: 70GB from NEP Group, 51GB from Inatech
- Ransomware Group: Alp-001
- Leak Tactics: Samples uploaded as evidence (10GB from NEP Group, 61 files from Inatech)
- Deadlines: Ransom payments demanded by April 18, 2026
Inside the Double Breach
The Alp-001 group is quickly building a reputation for high-profile, multi-sector attacks. Their latest victims reflect a calculated strategy: NEP Group, with its deep involvement in live broadcasting and studio production, and Inatech, whose cloud software powers critical energy trading operations. Both organizations rely on complex IT stacks, dotted with mainstream SaaS and cloud services - ranging from Microsoft 365 and Salesforce to Atlassian and Zoho - making them lucrative targets for ransomware operators seeking sensitive operational data and business secrets.
Alp-001’s approach is chillingly systematic. After breaching defenses, they exfiltrated massive troves of internal data - 70GB from NEP Group and 51GB from Inatech. To prove their claims, the attackers released substantial samples: 10GB from NEP and a collection of 61 files from Inatech. This tactic not only pressures victims to negotiate but also demonstrates to potential buyers on the dark web the authenticity and value of the stolen data.
Technical details from DNS and email records reveal extensive integration with third-party platforms, a potential vector for compromise. Notably, NEP Group had no direct employee credentials compromised, but 23 third-party accounts were flagged, underscoring the risk posed by supply chain and external partners. Meanwhile, Inatech’s cloud-heavy operations expose a broad attack surface, with verification records for a slew of cloud services visible in DNS entries.
Both companies now face a stark dilemma: pay the ransom before the April 18 deadline or risk the full public release of their data. The broader industry is watching closely, as Alp-001’s coordinated leaks highlight the growing intersection of ransomware, data brokerage, and supply chain vulnerabilities.
Conclusion
As Alp-001 escalates its campaign of digital extortion, the twin breaches at NEP Group and Inatech serve as a stark warning: in today’s interconnected corporate world, no sector is immune, and the next headline-making attack may be just a DNS entry away. Vigilance, robust cyber hygiene, and supply chain scrutiny have never been more critical.
WIKICROOK
- Ransomware: Ransomware is malicious software that encrypts or locks data, demanding payment from victims to restore access to their files or systems.
- Data Exfiltration: Data exfiltration is the unauthorized transfer of sensitive data from a victim’s system to an attacker’s control, often for malicious purposes.
- SaaS (Software as a Service): SaaS delivers cloud-based software online, letting users access and manage apps without local installation or maintenance.
- DNS Records: DNS records are publicly queryable entries that direct a domain's internet traffic to the right servers. TXT entries often also carry ownership-verification tokens for third-party services, so they can reveal which platforms an organization uses.
- Supply Chain Attack: A supply chain attack is a cyberattack that compromises trusted software or hardware providers, spreading malware or vulnerabilities to many organizations at once.