They threatened to publish the entire customer database if a ransom of 15,000 Euros wasn't paid by the end of the day on April 25, 2014.
To prove that they had the data, the hackers published a list of databases and tables, along with two samples of customer data, including name, e-mail addresses, phone number, address, VAT number, login and hashed password.
"Alfanet has two more days to pay us 15,000 Euros," the hackers wrote at the time. "Unfortunately, so far, they did not reply to our emails. We hope that they will decide to protect their customers before the deadlines expires on Friday evening. If no money is received on Friday evening, we will post their entire database and we will directly attack some of their customers."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
On April 25, they published a list of approximately 12,000 customers' names, writing, "We have decided to give them an additional 24 hours to do the right thing and protect their customers. Below are the names of all of the people whose data is in our possession. If Alfa Hosting still has not agreed to meet our demands by tomorrow evening, we will publish their contact data, login and passwords."
As of the morning of April 28, no further information had been released.