Last Ransomware victims

Sponsored by Hudson RockUse Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business


Groups

0


Victims

0


Victims this month

0


Victims this year

0
This page lists the latest 100 ransom claims detected by Ransomware.live. We continously scrape ransomware group sites to detect new victims.
Ransomware.live has been tracking ransomware's victims since April 2022.


Ransomware.livedoes not exfiltrate, download, host, repost, or disclose any stolen data. Any legal concerns regarding the content should be directed at the attackers, notRansomware.live. This platform is dedicated to cybersecurity awareness, reporting on ransomware incidents to inform the public.Ransomware.liveoperates independently, with no affiliation or alignment with any ransomware groups, and does not host or distribute infringing content. All information is automatically gathered and redacted from publicly accessible sources, including ransomware leak sites on the dark web.




View summary page

KR flag

sk.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-10 11:11

Over 1 TB of files downloaded from their servers . Company has 48 hours to contact us before we publish the data . In the U.S., SK is investing in businesses and expanding our local operations in electric vehicle batteries, life sciences, tec ...

Victim:   |  Group: 
SG flag

Algas Engineering Pte Ltd - Algas Engineering 

Company logo
Ransomware Group:

Discovery Date: 2025-04-10 11:09

Sector: Not Found
Algas Engineering Algas Engineering Pte Ltd is a gas pipe contractor, established in early 2007, with the core capability of dealing with gas pipe installation for both new and alteration & addition (A&A) of residential and commercial develo ...

Victim:   |  Group: 
CZ flag

Správa služeb hlavního města Prahy 

Company logo
Ransomware Group:

Discovery Date: 2025-04-10 04:19
Estimated Attack Date: 2025-04-09

Status: 29d 13h 39m 0s - Size Data: 200 GB

Victim:   |  Group: 
US flag

Potomac Financial Services 

Company logo
Ransomware Group:

Discovery Date: 2025-04-10 02:52
Estimated Attack Date: 2025-04-07

We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning.

Victim:   |  Group: 
US flag

silocaf.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 23:54
Estimated Attack Date: 2025-02-28

Silocaf of New Orleans, Inc. is an experienced coffee processor, translating thorough product knowledge into high standards and superior performance. They utilize the most advanced techniques to weigh, clean and blend coffee according to each client's unique specifications. They have also developed processes which enable them to upgrade an individual coffee's quality by eliminating certain defects. They were founded in New Orleans in 1993. Silocaf of New Orleans is a subsidiary of Pacorini S.r.l. of Trieste, Italy. ===> Phone Number: (504) 896-7800 Revenue: $83.4 Million Employees: 333 Data:178gb Contact: Maurizio Zaves | President & C.E.O. Silocaf USA, LLC One Coffee Plaza - 5240 Coffee Drive New Orleans-LA 70115-7755 - U.S.A. T +1 504 896 7800 I M +1 504 382 760 I F +1 504 896 7834 E m.zaves@silocaf.com

Victim:   |  Group: 
US flag

chesterfieldtwp.org 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 23:53
Estimated Attack Date: 2025-03-06

The Chesterfield Township Library provides meeting rooms so that the library can promote its program of service to the community. The library board of trustees recognizes that the library facilities belong to the community and permits facilities use by established local non-commercial groups and organizations. The policy is subject to change at any time. ===> Phone Number: (504) 896-7800 Revenue: $21.3 Million Employees: 174 Data:49gb

Victim:   |  Group: 
DE flag

finetech.de 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 23:51
Estimated Attack Date: 2025-03-09

Sector: Technology
Copyright © 2020 Finetech GmbH & Co. KG, All rights reserved. Finetech respects your privacy. We use cookies for a variety of purposes, such as website functionality, improving your experience of our website and building integration with social media. By continuing your visit on our website, you are consenting to our use of cookies. More info With an user account you get ===> Revenue: $25.7 Million Employees: 115 Data:137gb Phone Number: +49 309366810 Managing Director +86-21-58866-1668 Senior IT-Systemadministrator +49 30 936681 592 Senior Konstrukteur DD +49351888566-23 Service Engineer +491717646694 Service Engineer +4916090734566 Service Engineer +4915785005796

Victim:   |  Group: 
US flag

Dumont Telephone 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 19:47

Dumont Telephone is a proven leader in technology and a proud sup porter of regional economic development. We give our customers sm all-town service with products that rival big-time tech companies , including broadband internet, streaming video, telephone, and b usiness services. We are ready to upload more than 6 GB of essential corporate docu ments such as: financial data (audits, payment details, reports), insurance documents, corporate licenses, agreements and contract s, personal SSN’s, etc.

Group: 
ES flag

Dinaksa Pesaje 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:20
Estimated Attack Date: 2024-10-22

Dinaksa pesaje offers a rental service of different weighing equipment at the disposal. Its' customers require having a high number of machines to facilitate the process in certain moments such as inventories. Dinaksa pesaje has a wide range ...

Victim:   |  Group: 
HU flag

Sasszemklinika 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:18
Estimated Attack Date: 2024-11-01

Sector: Healthcare
Laser eye surgery at the country's largest clinic with 110,000 Eagle Eye Treatments. Eagle Eye Clinic. Medical Guarantee, installment payments. The company didn't enter to the chat room.

Victim:   |  Group: 
US flag

MHT Partners 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:16
Estimated Attack Date: 2024-09-19

MHT Partners is a leading national middle market investment bank focused on representing industry leaders in growth markets. The team at MHT Partners assists clients with seller advisory, acquisition advisory, corporate finance and strategic ...

Victim:   |  Group: 
JP flag

SPEEDFAM 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:15
Estimated Attack Date: 2025-01-26

SFIN is a company established in Joint Venture techno-commercial collaboration with Speedfam Co. Ltd., Japan who is a world leader in Flat Surface Lapping and Polishing equipment manufacturing. Speedfam India started manufacturing in Techno-c ...

Victim:   |  Group: 
GB flag

Blink Photo 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:13
Estimated Attack Date: 2024-08-19

Sector: Not Found
Blink Photo Content is a passionate group of creative thinkers and content creators, specializing in Photography, CGI, Video, Design, and Digital services in the UK and China. They excel in solving commercial and strategic challenges for vari ...

Victim:   |  Group: 
US flag

North Platte Natural Resources District 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:11
Estimated Attack Date: 2024-11-27

The North Platte Natural Resources District is committed to protecting Nebraska's natural resources, focusing on water quality, forestry, soil management, and conservation practices. Serving the local community, they provide resources and pro ...

Victim:   |  Group: 
 flag

Galvatech 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:09
Estimated Attack Date: 2025-01-12

Sector: Not Found
Galvatech is a family-owned business that has been servicing the steel industry in Sydney Central West for 40 years, specializing in hot dip galvanizing to the AS/NZS 4680:2006 standard. Known for its efficiency and reliability, the company o ...

Victim:   |  Group: 
TH flag

Helitek Company Ltd. 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:08
Estimated Attack Date: 2024-12-25

Sector: Not Found
Helitek Company Ltd. manufactures silicon wafers. The Company's products include prime wafers, single and double side polished wafers, test wafers, silicon ingots, dopants, and backside treatments. Helitek sells its products in the United Sta ...

Victim:   |  Group: 
TH flag

Bangkok Electronics Co., Ltd 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 17:06

Sector: Technology
Bangkok Electronics Co., Ltd ========================Pwn3d=================================== By Qilin & Devman ================================================================ p.s sorry guys did not count the number of files allot of them.. ...

Victim:   |  Group: 
US flag

Simms Sigal Linwood Inc. 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 15:47

Sector: Not Found
Representing brands from all reaches of the world Simms Sigal Lin wood Inc. is one of the leading and most trusted importers and di stributors in the indusrty. We are ready to upload a lot of essential corporate documents suc h as: contact numbers and e-mail addresses of employees and custo mers, financial data (audits, payment details, reports), etc.

Group: 
EE flag

Hotell Euroopa 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 14:47

Hestia Hotel Group OU is an enterprise located in Estonia, with t he main office in Tallinn. It operates in the All Other Business Support Services industry. We are ready to upload more than 12 GB of essential corporate doc uments such as: contact numbers and e-mail addresses of employees and customers, corporate licenses, agreements and contracts, fin ancial data (audits, payment details, reports), etc.

Group: 
 flag

Consonic 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 14:47

Sector: Not Found
Consonic has a proud 50 year history of providing engineering sol utions to the Australian and New Zealand Automotive, Plastic Proc essing, Packaging, Food Processing and Medical industries. We are ready to upload more than 26 GB of essential corporate doc uments such as: contact numbers and e-mail addresses of employees and customers, internal corporate correspondences, financial dat a (audits, payment details, reports), etc.

Group: 
US flag

ccso2014.local(sheriffs) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 12:04

Cleburne County, Arkansas, population 25,970, is the states 75th and youngest county, formed in 1883 from three existing counties and named for Confederate Army Major General Patrick R. Cleburne. The landscape is rugged and mountainous in the north changing to rolling terrain in the south. Greers Ferry Lake, a reservoir of 40,000 acres, was formed by a hydropower dam of the same name in the early 1960s and created a recreational boom that continues to grow. Tourism is important to the economy, as are cattle and poultry farming and industrial development. The Little Red River provides an excellent fishery for rainbow trout. Fishing, boating, and hunting are important to the county. Cleburne County often hosts fishing tournaments, business meetings, reunions, crafts shows and Saturday night country music.

Victim:   |  Group: 
TR flag

Yozgat City Hospital 

Company logo
Ransomware Group:

Discovery Date: 2025-04-09 07:19

Sector: Healthcare
Modern hospital in Yozgat offering quality care and innovation. Patient health is protected — their data, however, is shared globally.

Victim:   |  Group: 
US flag

physiciansmedicalbilling.net 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 22:36

Sector: Healthcare
Greetings! Today we are posting here the new company, "Physician's Medical Billing Inc". Company Description: Physicians Medical Billing (PMB) is a full-service medical billing and accounts receivable management firm, whose true goal is maximum...

Victim:   |  Group: 
US flag

gramoll.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 22:13
Estimated Attack Date: 2025-03-14

Sector: Construction
Phone Number: (801) 295-2341

Victim:   |  Group: 
US flag

farmerbros.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:14
Estimated Attack Date: 2025-02-19

Food & Beverage | 341.1 Million Founded in 1912, Farmer Brothers is a national coffee roaster, wholesaler, equipment servicer and distributor of coffee, tea and culinary products. The companys product lines, include organic, Direct Trade and sustainably produced coffee. With a robust line of coffee, hot and iced teas, cappuccino mixes, spices and baking/biscuit mixes, Farmer Brothers delivers extensive beverage planning services and culinary products to its U.S.-based customers. It serves a wide variety of customers, from small independent restaurants and foodservice operators to large institutional buyers, such as restaurant, department and convenience store chains, hotels, casinos, healthcare facilities and gourmet coffee houses, as well as grocery chains with private brand coffee and consumer branded coffee and tea products, and foodservice distributors

farmerbros.com has been previously claimed by Qilin for an attack estimated on 2025-02-19.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-04-08

Victim:   |  Group: 
CA flag

Taxplan 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:12

Tax-related documents and data, database and programs

Victim:   |  Group: 
ID flag

Mochtar Karuwin Komar: Indonesian law firm - MKK 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:12

Legal advice, case-related documents, financial information, contracts, billing

Victim:   |  Group: 
IN flag

technoforte software pvt ltd 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:11

Sector: Technology
All source codes of technoforte's main project - Palms(including mobile version)

Victim:   |  Group: 
EG flag

International Busines Service 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:11

Identity cards including front and back of about 3,000 people (image, pdf), HR reports, Pay documents

Victim:   |  Group: 
CO flag

Iris Neofinanciera 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 20:10

All files of google drives, google chatting data ,workmanager documents(for last 5years) ,sql dbs and personal information of clients and staffs.

Victim:   |  Group: 
US flag

RFMS, Inc. 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 18:58

Sector: Not Found
USA - RFMS, Inc.

Victim:   |  Group: 
US flag

www.gchd.org 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 18:10

Sector: Healthcare
The Galveston County Health District is committed to identifying public health issues that impact our everyday life. We work daily to prevent disease, protect against public health threats and promote good health for all of Galveston County. ...

Victim:   |  Group: 
SG flag

averasia 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 18:09
Estimated Attack Date: 2025-02-14

Sector: Not Found
We are widely recognized as a transformative equipment rental company, offering an extensive range of products including MEWP equipment, generators, compressors, telehandlers, battery energy storage systems (BESS), forklifts, tower lights and ...

Victim:   |  Group: 
US flag

Third Avenue Management 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 15:04

Third Avenue Management is a New York City-based asset manager that utilizes a disciplined, value-oriented, and asset-based approach to investing in publicly traded securities. Revenue $48 M

Victim:   |  Group: 
DE flag

crystal-d.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 13:12
Estimated Attack Date: 2025-03-07

At Crystal D, we have been manufacturing corporate gifts, recognition awards and crystal promotional products for more than 20 years.

Victim:   |  Group: 
CH flag

Bauer-Walser AG 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 12:47

Sector: Not Found
Bauer Walser AG is a leading company in the precious metals indus try with a 100-year history of success. We are ready to upload more than 50 GB of essential corporate doc uments such as: corporate NDA’s, contact numbers and e-mail addre sses of employees and customers, financial data (audits, payment details, reports), corporate licenses, agreements and contracts, etc.

Group: 
IT flag

Gruppo C.R S.p.a 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 12:24

Sector: Not Found
Gruppo C.R S.p.a In addition to the main activity represented by the large-scale retail sector, the company, always animated by the great spirit of initiative of its President, over the years has entered other commercial sectors, such as catering and fitness, and in recent times has also organized itself with a real technical structure, ready to study the identification of new solutions both technological and commercial and innovative for the realization of new outlets The large-scale retail sector is specifically characterized by 13 supermarkets under the Conad brand with reference to the food sector, and 1 store under the Upim brand with regard to the non-food sector, and also 2 pet stores under the Pet Store Conad brand. To complete the Group's business proposition, a new Cookery brand was created in 2016 on the occasion of the new opening of the Domus shopping center. To date, the GroupCr has 8 stores under the Cookery brand. Established for our in-house café/diner in the mall, it has since become a full-fledged production center. In this laboratory, bakery, pastry, dairy and kitchen products are prepared daily, with a distribution network for all our supermarkets. I n addition, since 2016 the company has decided to create together with other experts in the field, a craft beer production company, which is marketed with direct supplies to several highly specialized catering establishments in Italy and Europe.Geo: Italy - Leak size: 255 GB Archive - Contains: Files, SQL

Group: 
ID flag

FKS Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 12:24

Sector: Not Found
FKS Group FKS Group is a South-East Asian holding company focused on food, infrastructure and property. Its companies combine a strong commitment to logistics and infrastructure with deep domestic and international understanding to realize the potential of businesses and people across the region. FKS Group strives to exceed stakeholders’ expectation and investment by ensuring a continued growth of the Group and developing employee’s competencies. The Group’s significant interests in agriculture, sugar refineries, infrastructure and property developments are managed by the subsidiaries.Geo: Singapore - Leak size: 177 GB Archive - Contains: Files

Group: 
ES flag

Coop57 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 11:34

OVER 12,000 IDS AND PASSPORTS OF CITIZENS OF DIFFERENT COUNTRIES WERE TAKEN Coop57 is a financial instrument that is part of the fair and solidarity finance system. Its mission is to provide options to meet the diverse financial needs of citizens and actors in the social economy. To achieve this goal, Coop57 is integrated into a network of microfinance organizations and federations to jointly develop strategies for building a social and solidarity economy and creating alternative models of the economic cycle.

Victim:   |  Group: 
SG flag

The Fullerton Hotelsand Resorts 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 11:18

The Fullerton Hotels and Resorts owns and operates four propertie s in the Asia-Pacific, with three award-winning hotels in the pri me Central Business District locations of Singapore and Sydney, a s well as a luxury oceanfront resort in Hong Kong. We are ready to upload more than 148 GB of essential corporate do cuments such as: NDA’s and corporate licenses, agreements and con tracts, driver licenses, passports and other employee and custome r documents, financial data (audits, payment details, reports), e tc.

Group: 
NL flag

Thiekon Constructie 

Company logo
Ransomware Group:

Discovery Date: 2025-04-08 10:03

Sector: Construction
Thiekon Constructie BV is a company from Reijen (Netherlands) with more than 40 years of experience in steel structures and zinc coatings. It is the only one in the country with its own hot-dip galvanizing plant, which allows steel processing within a single company. The company performs fabrication and assembly of steel elements (from small parts to complete structures) and provides powder coating service on request. This provides a centralized approach to work using steel, zinc and painting technologies.

Victim:   |  Group: 
CA flag

Doman Building Materials Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 23:37

Doman Building Materials Group is a vertically integrated global building materials group. They supply products to retailers across North America. From basic lumber to next generation products, DOMAN optimizes the supply of a wide range of quality building materials. Headquartered in Vancouver, British Columbia, Canada, we operate distribution centers, wood processing plants, specialty sawmills, planers, wood cleaning facilities across North America and private forest lands. This distinctive vertical model allows us to maintain close relationships with the supply chain, ensuring retailers can purchase high-quality products at highly competitive prices. Doman Building Materials Group Ltd. is traded on the Toronto Stock Exchange under the symbol DBM

Victim:   |  Group: 
US flag

Andretti Indoor Karting & Games 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 23:36
Estimated Attack Date: 2025-03-16

Andretti Indoor Karting and Games was established in 2001 and is based in Orlando, Florida. They currently have four state of the art entertainment and event destinations located in Florida, Georgia and Texas. Two additional locations will be opening in 2020 in The Colony, Texas and Katy, Texas. Andretti Indoor Karting and Games has undergone exponential expansion over the last four years and will be debuting several more of their legendary entertainment centers across the United States in the near future. Their locations feature varying entertainment options all under one roof including high-speed super-karts, multi-level tracks, state of the art arcade, cutting edge virtual reality attractions, challenging ropes obstacle courses, unique two-level laser tag arenas, boutique bowling and custom high-tech mini-golf. Each location also offers a fresh, hand-crafted menu, a full bar and in-house gourmet catering to over 10,000+ square feet of event and meeting space.

Victim:   |  Group: 
 flag

galesburg.org 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 22:07

Sector: Not Found
USA - Galesburg Area Chamber of Commerce

Victim:   |  Group: 
GB flag

Cambridge Fluid Systems 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 21:22
Estimated Attack Date: 2024-12-05

They are a full-service provider and Original Equipment Manufacturer (OEM) for high technology industries, committed to delivering the performance you demand, on time and on budget. They focus on continuous improvement to achieve operational ...

Victim:   |  Group: 
 flag

The Komec 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 21:20
Estimated Attack Date: 2025-03-08

Sector: Not Found
What makes Komec truly unique is that its vision and philosophy are not just empty statements that serve no purpose. As the driving force of both factory and product, our two essential values of reliability and honesty, are shared by the enti ...

Victim:   |  Group: 
US flag

Spring Creek Golf & Country Club 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 21:19
Estimated Attack Date: 2024-12-07

Spring Creek Golf Country Club offers golf services and a variety of membership options for enthusiasts. The club provides a vibrant social atmosphere, hosting events such as weddings, business meetings, and gatherings for its members. It is ...

Victim:   |  Group: 
AU flag

JKC Australia LNG 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 21:17
Estimated Attack Date: 2025-01-08

Sector: Energy
JKC Australia LNG Pty Ltd is a company that operates in the Insurance industry. It employs 10 to 19 people and has 1M to 5M of revenue. The company is headquartered in Wickham, Northern Territory, Australia. The company didn't enter to the c ...

Victim:   |  Group: 
US flag

American Air Conditioning & Heating 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 19:47
Estimated Attack Date: 2024-09-09

At American Air Conditioning and Heating Co., we pride ourselves on providing quality service to both residential and commercial customers in the San Antonio area. One of our top priorities is saving you money, and we firmly believe a system ...

Victim:   |  Group: 
IN flag

Dhoot Transmission 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 19:46
Estimated Attack Date: 2024-08-05

Dhoot Transmission is a manufacturer and supplier of automotive components to OEMs. Manufactures wire harness, electronics, copper wire enamelling, tooling components, stamping components, moulding components and cable components for two-whee ...

Victim:   |  Group: 
CH flag

Privat-Spitex Schweiz GmbH 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 19:44

Sector: Healthcare
Industry: Offices of Other Health Practitioners , Ambulatory Health Care Services , Health Care and Social Assistance , Nurses and other medical assistants. Accelerate growth, navigate risk, and control costs with reliable data and insights t ...

Victim:   |  Group: 
 flag

P**o*** 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 19:02

Sector: Not Found
We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning.

Victim:   |  Group: 
CN flag

CVTE 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 19:02

Sector: Technology
We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships.

Victim:   |  Group: 
 flag

Telecontrol 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 17:11
Estimated Attack Date: 2025-04-01

Sector: Technology
One of Telecontrol’s main objectives is to fully meet the client’s needs by delivering services with the utmost care and professionalism, with a view to continuous quality improvement, while respecting the environment and the Health and Safety of its staff.

Victim:   |  Group: 
US flag

Metal Sales Manufacturing Corporation 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 17:08
Estimated Attack Date: 2025-04-04

**Website**: metalsales.us.com **Revenue**: $270.1 Million Metal Sales is the largest manufacturer of metal roofing, wall, and building systems in the United States, also offering metal fabrication

Victim:   |  Group: 
SG flag

asiapacificex.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:31
Estimated Attack Date: 2025-04-06

Sector: Not Found
employee documents(CEO included), corporate emails, finance, HR and many more! In case you cant find readme file: have a look at OBS cloud share: obs://apex-om-fileshare or obs://apex-private-img

Victim:   |  Group: 
IT flag

TIME Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:13

Sector: Not Found
TIME develops and installs BMS, an ERP system and with both high- level technological and application features, to meet the market needs of Italian SMEs in production and business process manageme nt/monitoring. We are ready to upload a lot of essential corporate documents suc h as: financial data (audits, payment details, reports), employee HR documents, contact numbers and e-mail addresses of employees and customers, etc.

Victim:   |  Group: 
IT flag

ASOLO DOLCE SAS 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:12

Sector: Not Found
Asolo Dolce Spa operates within the Production of rusks and biscu its; production of preserved pastry products industry. It was inc orporated in 2006. Its headquarters are located at Via Enrico Fer mi 51 Asolo Veneto 31011. We are ready to upload more than 17 GB of essential corporate doc uments such as: contact numbers and e-mail addresses of employees and customers, financial data (audits, payment details, reports) , etc.

Victim:   |  Group: 
PL flag

SMYK 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:12

Sector: Not Found
SMYK stores offer a wide selection of clothing and footwear, toys , baby accessories and other products for children aged 0-14. The SMYK chain’s advantage is the availability of a multitude of pro ducts of various categories for children aged 0-14 “under one roo f”. We are ready to upload more than 28 GB of essential corporate doc uments such as: corporate NDA’s, corporate licenses, agreements a nd contracts, financial data (audits, payment details, reports), contact numbers and e-mail addresses of employees and customers, etc.

Group: 
IT flag

Baucenter.it 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:04
Estimated Attack Date: 2024-08-24

Sector: Not Found
BAUCENTER is a reliable partner for private and commercial bathroom and wellness projects, offering complete solutions for wall and floor coverings. With 50 years of industry experience, their competent advice ensures high aesthetic and desig ...

Victim:   |  Group: 
 flag

sunbayhotel.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:03

Sunbay Hotel Barbados is an affordable family-friendly resort located on the scenic south coast of Barbados. Offering a range of accommodations including standard, superior, deluxe, and family rooms, the hotel is designed to create lasting me ...

Victim:   |  Group: 
 flag

Dalincoln 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 16:01
Estimated Attack Date: 2024-10-09

Sector: Not Found
Tri-west Building Supplies (D.A. Lincoln) We specialize in the sale, installation and service of In Bay Automatics, Self Serve, Tunnel Systems, and Truck/Bus Wash Systems. At D.A. Lincoln we manufacture the Lincoln Series Self Serve Car/Truc ...

Victim:   |  Group: 
CA flag

Flo Components 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 15:59
Estimated Attack Date: 2024-10-14

Sector: Not Found
FLO Components Ltd. is an automatic greasing systems specialist and the leading supplier of "Total Lube Solutions" to major manufacturers FLO Components Ltd. is an automatic greasing systems specialist and the leading supplier of "Total Lub ...

Victim:   |  Group: 
GB flag

St Edmund's College 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 15:58
Estimated Attack Date: 2024-10-22

Sector: Education
St. Edmund's College is a co-educational Catholic special high school for students with vision impairment or other special needs. As a special school, St. Edmund's provides an individualised education program for students with a clinically di ...

Victim:   |  Group: 
US flag

Hewsco.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 15:56
Estimated Attack Date: 2024-12-22

Sector: Not Found
Hews Company, LLC is a family-owned and Equal Opportunity Employer headquartered in the Greater Portland area for over 85 years. We offer a competitive Wage and Benefits Package, including health and dental coverage, a 401K retirement plan, a ...

Victim:   |  Group: 
PL flag

Wertex Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-07 15:54
Estimated Attack Date: 2024-12-25

Sector: Not Found
The Wertex Group is committed in providing product utilizing the lastest innovative technologies in fabrics and fibers. It takes dedication to our craft, a commitment to quality and a genuine and ongoing understanding of our customers' needs ...

Victim:   |  Group: 
AE flag

Dubai Company 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:31

Sector: Not Found
Different Locker

Group: 
 flag

Texas Construction Firm 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:31

Sector: Construction
Name disclosed soon

Group: 
TW flag

Optimax Technology 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:31

Sector: Technology
Pending

Group: 
FR flag

doumen.fr 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:31
Estimated Attack Date: 2025-03-22

Sector: Not Found
Still in negotiation

doumen.fr has been previously claimed by Qilin for an attack estimated on 2025-03-22.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-04-06

Victim:   |  Group: 
US flag

Phil Smith Automotive Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:25
Estimated Attack Date: 2025-03-29

Phil Smith Automotive Group, headquartered in Lighthouse Point, Florida, is a dealership that sells and services Acura, Kia, Dodge, Jeep, Subaru, Chevrolet, Chrysler, Toyota, Mercedes-Benz, Ford, Lincoln, Hyundai, Nissan, and Ram vehicles.

Victim:   |  Group: 
 flag

Dermatology Solutions 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:24
Estimated Attack Date: 2025-03-31

Sector: Healthcare
At Dermatology Solutions, we provide the highest quality dermatology care, aesthetic and cosmetic dermatology, and now Mohs surgery to the community of Fort Myers, Florida and surrounding areas. Our office specializes in skin care to help you attain healthy and beautiful skin. Whether you are seeking medical care for a problematic skin condition or you simply want to preserve and enhance your skin's youthful glow, our team of medical professionals is committed to providing you with exceptional care for your skin care needs

Victim:   |  Group: 
 flag

National Electronic Transit (N.E.T) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:22
Estimated Attack Date: 2025-04-01

Located in Lyndhurst, NJ, National Electronic Transit (N.E.T) specializes in high-value specialized delivery and print production logistics

Victim:   |  Group: 
US flag

Altara 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:21
Estimated Attack Date: 2025-04-01

Sector: Not Found
Altara is a global Microsoft Dynamics Gold Certified partner recognized for providing outstanding ERP & CRM implementations and Microsoft expertise. Our relentless pursuit of customer satisfaction and ability to implement customer specific solutions backed with unparalleled support places us in the top Microsoft Dynamics partners worldwide. What makes Altara a leading Microsoft® Dynamics provider also makes us a valuable partner in furthering the success of our clients’ businesses.

Victim:   |  Group: 
EG flag

IACC Holdings 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:19
Estimated Attack Date: 2025-04-04

IACC Holdings is a privately owned investment company with a focus on shipping and logistics. Our origins trace back to 1979, when industry pioneer Mostafa El Ahwal founded International Associated Cargo Carrier (IACC). Decades of being at the forefront of the Egyptian and regional markets, has poised IACC Holdings to take a leadership role in investing in, and developing the regional and global supply chain.

Victim:   |  Group: 
US flag

Texla Energy Management 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:18
Estimated Attack Date: 2025-04-04

Sector: Energy
Texla Energy Management, Inc. is a privately-held energy marketing company based out of Houston, Texas

Victim:   |  Group: 
US flag

Krypton Solutions 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:11
Estimated Attack Date: 2025-04-01

Sector: Technology
Krypton Solutions is a provider of rapid prototyping and low/medium volume turn-key contract manufacturing services to the semiconductor, medical, defense and telecommunications industries. Krypton Solutions corporate office is located in 3060 Summit Ave, Plano, Texas, 75074, United States and has 141 employees. The total amount of data leakage is 244.30 GB

Victim:   |  Group: 
CA flag

FS Tool Corporation 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 22:10
Estimated Attack Date: 2025-04-01

FS Tool Corporation (founded 1973) - offers cost-effective, solution-based approaches to tooling needs across a variety of industries. The company manufactures carbide and diamond tools for composites, non-ferrous metals, plastics and woodworking. FS Tool corporate office is located in 71 Hobbs Gate, Markham, Ontario, L3R 9T9, Canada and has 111 employees.

Victim:   |  Group: 
FR flag

Groupe Delcourt 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 18:59
Estimated Attack Date: 2025-03-22

Sector: Not Found
Exfiltraded data : yes - Encrypted data : yes

Victim:   |  Group: 
DE flag

Hofmann Fördertechnik GmbH 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 18:54
Estimated Attack Date: 2025-03-29

Exfiltraded data : yes - Encrypted data : yes

Victim:   |  Group: 
IN flag

IDS Infotech 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 18:51

Sector: Technology
Exfiltraded data : yes - Encrypted data : no

Victim:   |  Group: 
MX flag

grupotersa.com.mx 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 18:28

Sector: Not Found
Greetings! Today we are posting here the new company, "Grupo TERSA". Company Description: Grupo TERSA was born from the dream of our Chairman and Founder Rodrigo Valle Hernández in 1982, which has now become the dream of a great team of workers...

Victim:   |  Group: 
US flag

graphiquedefrance.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 18:27

Sector: Not Found
Shop our Lifestyle & Gift Boutique for Designer Stationery, Journals, Planners, Calendars, Holiday, Home Decor, Greeting Cards, Gifts & beyond! Fashion Your Life with Graphique!

Victim:   |  Group: 
CH flag

Swiss Capitals Group 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 10:59

Swiss Capitals Group Swiss Capitals Group is the holding of a group of companies with more than 40 years of experience of investments in differents sectors. More

Victim:   |  Group: 
US flag

National Ticket Company 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 10:41
Estimated Attack Date: 2025-04-04

National Ticket Company – Tickets and wristbands since 1907.

Victim:   |  Group: 
CH flag

Bosshard-Farben AG 

Company logo
Ransomware Group:

Discovery Date: 2025-04-06 08:00
Estimated Attack Date: 2025-03-28

[IA generated] Swiss company specializing in the production of paints, varnishes, and glazes for building and wood protection,

Victim:   |  Group: 
JO flag

Eagle Distilleries 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 23:55

Status: 29d 20h 8m 34s - Size Data: 50 GB

Victim:   |  Group: 
CL flag

caschile.cl 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 23:41

CAS–CHILE® is a company with 30 years of experience in the Information Technology market, dedicated to the design, development, and maintenance of public and municipal management software. As experts in the design, construction, and maintenance of software for public management, we develop IT platforms distributed throughout the country with excellent results, backed by the improvement, optimiz

Victim:   |  Group: 
 flag

Optimax Technology 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 17:17
Estimated Attack Date: 2025-04-05

Sector: Technology
Optimax Technology ========================Pwn3d=================================== By Qilin & Devman ================================================================ p.s sorry guys did not yet wheight the files allot of ...

Victim:   |  Group: 
IN flag

ABITL Finishing 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 17:15

United States

Victim:   |  Group: 
US flag

Baltimore Steel Erectors 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 17:13
Estimated Attack Date: 2025-03-26

Sector: Construction
United States

Victim:   |  Group: 
US flag

Hawk Technology 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 17:12
Estimated Attack Date: 2025-03-26

Sector: Technology
United States

Victim:   |  Group: 
US flag

Csm Engineering 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 17:10
Estimated Attack Date: 2025-03-25

Sector: Not Found
United States

Victim:   |  Group: 
US flag

L&S Mechanical (Reuploaded) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 14:24
Estimated Attack Date: 2025-04-03

Sector: Construction
L&S Mechanical began as a Dallas-based contractor in 1985 and has grown over the years to have six locations out of Dallas, Fort Worth, Houston, San Antonio and Austin.  Over the past thirty years, we have become known as the premier provider of new home construction in the plumbing industry. In the last 10 years we have added HVAC and electrical services to now offer the Tri-Trade Solution℠.  The people you have worked with, the quality, and the service our customers have come to expect remain the same, but now we are making it even easier to get things done. Being a single-source provider of mechanical services, our customers are able to more efficiently control their schedules and meet their deadlines. In 2017, we have expanded our brand once again to offering Preventive Maintenance Programs that will allow old and new customers the ability to have honest, quality preventive work done on their homes for years to come.We pride ourselves on having some of the most highly trained technicians in the industry. Technicians participate in an online training platform and have on-site, trade specific trainers that keeps them current on product specs, new industry developments, and providing superior customer service. We also do training in the field, and provide instructor-led training on a regular basis.After delivering over 100,000 homes across the US, we know what builders and contractors are looking for; and we take that knowledge to all the homeowners we serve as well.  From start to closing, we will deliver excellence every stage of the way.The company is in the investment portfolio of STERLING GROUP - https://sterling-group.com/- Database- Project documentation- Drawings- Financial documents- Personal information of employees and clients https://www.lsmech.com/

Victim:   |  Group: 
MX flag

Industrial Corona de México 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 14:22
Estimated Attack Date: 2025-03-29

Industrial Corona de México has been a manufacturer of injection-molded plastic parts and tools for the industrial, automotive, electronics, and consumer markets since 1964. We specialize in high volume production of precision plastics including small aesthetic components and tight tolerance functional parts.With two certified facilities located in San Juan del Rio, Queretaro and Mexico City, we are committed to quality throughout the mold design and manufacturing to the injection and finish of the part.- Database- Drawings- Financial documents- Personal information of employees and clients http://icorona.mx/en/index.html

Victim:   |  Group: 
US flag

HighWire Press 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 10:47
Estimated Attack Date: 2025-03-18

Sector: Technology
Jiraware <<3 !! We hold sensitive data from HighWire Press, a leading platform serving scholarly publishers. The data includes internal documents, communications, and materials that could impact both HighWire and its publishing partners.

HighWire Press has been previously claimed by Babuk2 for an attack estimated on 2025-03-18.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-04-05

Victim:   |  Group: 
US flag

Racami 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 10:47

Sector: Technology
Jiraware <<3 !! We have breached Racami’s internal systems. The data in our possession poses a serious threat to their business continuity, reputation, and client trust.

Victim:   |  Group: 
PL flag

Asseco 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 10:46

Sector: Technology
Jiraware <<3 !! We have breached Asseco’s internal systems, stealing sensitive files, communications, financial records, and source material

Victim:   |  Group: 
SE flag

LeoVegas AB 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 10:46

We have compromised the internal systems of LeoVegas AB. The data in our possession threatens their operations, regulatory compliance, and customer trust.

Victim:   |  Group: 
CY flag

Nexia Poyiadjis IT 

Company logo
Ransomware Group:

Discovery Date: 2025-04-05 09:22

Sector: Technology
Exfiltraded data : yes - Encrypted data : yes

Victim:   |  Group: 
Previous Next