diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index b9bebd3..285d040 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -289,7 +289,6 @@
       "meta": {
         "synonyms": [
           "PLA Unit 78020",
-          "APT 30",
           "Override Panda",
           "Camerashy",
           "APT.Naikon"
@@ -1089,10 +1088,13 @@
     {
       "meta": {
         "refs": [
-          "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf"
-        ]
+          "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf", "https://attack.mitre.org/wiki/Group/G0013"
+        ],
+        "synonyms": ["APT 30"],
+        "country": "CN"
       },
-      "value": "APT30"
+      "value": "APT30",
+      "description": "APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
     },
     {
       "meta": {
@@ -1256,5 +1258,5 @@
   ],
   "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
   "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
-  "version": 9
+  "version": 10
 }