The ransomware group started publishing Henning Harders data on its website on 23 March.
The process has been stepped up in recent days with files about users, company documents and emails having been published, these sources said.
Like some other ransomware groups, Maze exfiltrates data from websites it attacks before the data is encrypted and a ransom note generated.
If the victim does not pay up, the Maze operators then publish more data. If the cyber criminals conclude that the victim is not going to pay up, then they often post the data on forums which are frequented by professional hackers.
Such information is often used in phishing attacks and also for stealing financial and other details.
Henning Harders avoided a direct answer when asked whether it had restored the machines that had been affected in the attack, saying instead on Friday that it had remained operational uninterrupted throughout the period.
A company spokesperson gave a more direct answer when asked by iTWire whether it was aware that company information was circulating in public, saying, "Yes. The company has previously confirmed as much several weeks ago, including on its website on 9 April."
First indications of the attack were reported on 22 March, with the company saying in a statement that customer data may have been accessed, but there was no evidence to show that it had been misused.
The updated Henning Harders statement says that while an investigation is ongoing, there is no timeframe for its completion.