rift.cysentrix
Live monitoring

Signals before
impact.

An operational map of data leaks, extortion, and public exposure, with a confidence level on every signal.

380events in view
22critical priority
18confirmed
4/5active sources

Incident stream

Updated 7m ago · 380 events · Toronto time

Claim High Ransomware

Huntress

AIIcarus claims to have breached technology firm Huntress, per an unverified extortion listing on ransomware.live.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

HDS (Hdscorp)

AIIcarus claims to have listed HDS (Hdscorp) on Ransomware.live's extortion site; the listing is unverified.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

Gms-net

A post was observed on extortion infrastructure associated with Icarus. Impact and scope remain unconfirmed.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

Cqcrm

AIIcarus claims to have listed Cqcrm, a business services firm, on the Ransomware.live extortion site. The claim is unverified.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

Cbassociations

AIIcarus claims to have data from Cbassociations, a business services firm, as listed on their extortion site.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

EON Meditech Pvt

AICMD Organization claims to have breached EON Meditech Pvt, a healthcare company, per an unverified listing on Ransomware.live.

Actor CMD Organization 1 source
Records Undisclosed
Claim High Ransomware

graymont.com

AIChaos claims to have breached manufacturing firm graymont.com, listing it on its extortion site. The claim is unverified.

Actor Chaos 2 sources
Records Undisclosed
Claim High Ransomware

eggetttax.ca

AIBrainCipher claims to have data from eggetttax.ca, an agriculture and food production organization, per a listing on Ransomware.live. This claim is unverified.

Actor BrainCipher 2 sources
Records Undisclosed
Claim High Ransomware

sterlinggloballtd.com

AIBrainCipher claims to have breached sterlinggloballtd.com, listing the business services firm on its extortion site.

Actor BrainCipher 2 sources
Records Undisclosed
Corroborated Critical Data breach

sisacloud.com

Historical breach catalogued by RansomLook: sisacloud.com exposing 992,887 records (148.68 M), originally indexed 2026-06-03.

Actor Unknown 1 source
Records 992,887
Corroborated Critical Data breach

cocacolaep.com

Historical breach catalogued by RansomLook: cocacolaep.com exposing 13,370,207 records (2 G), originally indexed 2026-06-03.

Actor Unknown 1 source
Records 13.4M
Corroborated Critical Data breach

urssaf.fr

Historical breach catalogued by RansomLook: urssaf.fr exposing 689,415 records (152.59 M), originally indexed 2026-06-03.

Actor Unknown 1 source
Records 689,415
Corroborated Medium Data breach

ultracube-mc

Historical breach catalogued by RansomLook: ultracube-mc exposing 734 records (159.27 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 734
Corroborated High Data breach

starblast-mc

Historical breach catalogued by RansomLook: starblast-mc exposing 22,917 records (8.33 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 22,917
Corroborated Medium Data breach

velenhq-mc

Historical breach catalogued by RansomLook: velenhq-mc exposing 207 records (42.26 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 207
Corroborated Medium Data breach

destinypvp-mc

Historical breach catalogued by RansomLook: destinypvp-mc exposing 2,596 records (408.13 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,596
Corroborated Medium Data breach

heavennetwork-mc

Historical breach catalogued by RansomLook: heavennetwork-mc exposing 1,358 records (387.06 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 1,358
Corroborated Medium Data breach

averfight-mc

Historical breach catalogued by RansomLook: averfight-mc exposing 2,008 records (777.62 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,008
Corroborated Medium Data breach

andaria-mc

Historical breach catalogued by RansomLook: andaria-mc exposing 6,748 records (1.41 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 6,748
Corroborated Medium Data breach

darkfight-mc

Historical breach catalogued by RansomLook: darkfight-mc exposing 638 records (244.12 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 638
Corroborated High Data breach

snkmcfr-maria-mc

Historical breach catalogued by RansomLook: snkmcfr-maria-mc exposing 11,636 records (1.82 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 11,636
Corroborated Critical Data breach

funcloud-mc

Historical breach catalogued by RansomLook: funcloud-mc exposing 256,141 records (36.99 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 256,141
Corroborated Medium Data breach

venaria-mc

Historical breach catalogued by RansomLook: venaria-mc exposing 1,654 records (348.92 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 1,654
Corroborated Medium Data breach

freegen-mc

Historical breach catalogued by RansomLook: freegen-mc exposing 9,712 records (4.38 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 9,712
Corroborated Medium Data breach

odeliamc-mc

Historical breach catalogued by RansomLook: odeliamc-mc exposing 6,322 records (1.1 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 6,322
Corroborated Medium Data breach

taliaxcold-mc

Historical breach catalogued by RansomLook: taliaxcold-mc exposing 4,948 records (887.47 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 4,948
Corroborated Medium Data breach

sparksmc-mc

Historical breach catalogued by RansomLook: sparksmc-mc exposing 3,224 records (684.41 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 3,224
Corroborated Medium Data breach

seasonsky-mc

Historical breach catalogued by RansomLook: seasonsky-mc exposing 2,192 records (468.47 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,192
Corroborated Medium Data breach

nostalgiamc-mc

Historical breach catalogued by RansomLook: nostalgiamc-mc exposing 2,895 records (517.48 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,895
Corroborated Medium Data breach

hardfight-mc

Historical breach catalogued by RansomLook: hardfight-mc exposing 2,044 records (784.97 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,044
Corroborated High Data breach

nerdland-mc

Historical breach catalogued by RansomLook: nerdland-mc exposing 35,929 records (5.82 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 35,929
Corroborated High Data breach

oneblock-mc

Historical breach catalogued by RansomLook: oneblock-mc exposing 14,018 records (2.38 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 14,018
Corroborated Medium Data breach

xeonzia-mc

Historical breach catalogued by RansomLook: xeonzia-mc exposing 1,110 records (681.62 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 1,110
Corroborated Medium Data breach

stormfight-mc

Historical breach catalogued by RansomLook: stormfight-mc exposing 3,699 records (1.39 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 3,699
Corroborated Medium Data breach

ytalliumnetwork-mc

Historical breach catalogued by RansomLook: ytalliumnetwork-mc exposing 985 records (173.44 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 985
Corroborated Medium Data breach

allforonesurvival-mc

Historical breach catalogued by RansomLook: allforonesurvival-mc exposing 3,272 records (599.57 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 3,272
Corroborated Medium Data breach

pixworld-mc

Historical breach catalogued by RansomLook: pixworld-mc exposing 5,592 records (1.14 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 5,592
Corroborated Medium Data breach

pixelax-mc

Historical breach catalogued by RansomLook: pixelax-mc exposing 8,173 records (2.17 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 8,173
Corroborated Medium Data breach

skylord-mc

Historical breach catalogued by RansomLook: skylord-mc exposing 1,244 records (272.99 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 1,244
Corroborated Medium Data breach

snkmcfr-shina-mc

Historical breach catalogued by RansomLook: snkmcfr-shina-mc exposing 7,305 records (1.2 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 7,305
Corroborated Medium Data breach

elitios-mc

Historical breach catalogued by RansomLook: elitios-mc exposing 695 records (124.39 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 695
Corroborated Medium Data breach

wizardmc-mc

Historical breach catalogued by RansomLook: wizardmc-mc exposing 2,400 records (498.92 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,400
Corroborated Medium Data breach

voltclicker-mc

Historical breach catalogued by RansomLook: voltclicker-mc exposing 582 records (294.24 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 582
Corroborated Medium Data breach

over2craft-mc

Historical breach catalogued by RansomLook: over2craft-mc exposing 4,379 records (941.11 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 4,379
Corroborated Medium Data breach

legacyfight-mc

Historical breach catalogued by RansomLook: legacyfight-mc exposing 5,178 records (894.01 K), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 5,178
Corroborated High Data breach

soleriamc-mc

Historical breach catalogued by RansomLook: soleriamc-mc exposing 15,007 records (2.92 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 15,007
Corroborated Medium Data breach

ironcraft-mc

Historical breach catalogued by RansomLook: ironcraft-mc exposing 7,185 records (3.49 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 7,185
Corroborated Medium Data breach

energyfight-mc

Historical breach catalogued by RansomLook: energyfight-mc exposing 2,309 records (1.45 M), originally indexed 2026-05-26.

Actor Unknown 1 source
Records 2,309
Claim High Ransomware

NEW PRINZ EUGEN SITE [NOT A CASE FILE]

AIPrinz Eugen claims to have listed NEW PRINZ EUGEN SITE on its extortion site. The claim is unverified.

Actor Prinz Eugen 2 sources
Records Undisclosed
Claim High Ransomware

Ntd Apparel

AIThe Akira ransomware group claims to have breached Ntd Apparel, a Consumer Services firm, per an unverified listing on Ransomware.live.

Actor Akira 2 sources
Records Undisclosed
Claim High Ransomware

Omax Autos

AIAccording to RansomLook, Wallstreet claims to have listed Omax Autos on its extortion site. This claim is unverified.

Actor Wallstreet 1 source
Records Undisclosed
Claim Critical Ransomware

Central Bank of Libya

AIQilin claims to have listed the Central Bank of Libya on its extortion site, per RansomLook; this claim is unverified.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

MBO GmbH

AIThe Gentlemen group claims to have listed MBO GmbH on its extortion site.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

bits-pilani.ac.in

AIDragonforce claims to have listed bits-pilani.ac.in (Education) on its extortion site. The claim is unverified.

Actor Dragonforce 2 sources
Records Undisclosed
Claim High Ransomware

mihana-v.com

AIDragonforce claims to have listed mihana-v.com on their extortion site, according to Ransomware.live (unverified claim).

Actor Dragonforce 2 sources
Records Undisclosed
Claim High Ransomware

CTM India Limited motherson INDIA

AIThe Gentlemen listed CTM India Limited (motherson INDIA) on its extortion site, claiming to have breached the organization. This is an unverified claim.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

CTM India Limited

AIThe Gentlemen claims to have listed CTM India Limited, a manufacturing firm in India, on their extortion site.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

GIA Partners

AIThe Gentlemen claims to have listed GIA Partners on its extortion site, per RansomLook. This is an unverified claim.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Hooke Laboratories

AIThe Gentlemen claims to have listed Hooke Laboratories on its extortion site, per RansomLook, but this is unverified.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Rowley Properties

AIThe Gentlemen claims to have listed Rowley Properties on its extortion site; the claim is unverified.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Canada Wide Media

AIThe Gentlemen group claims to have breached Canada Wide Media, a Canadian media company, according to a RansomLook extortion-site listing.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

ErgoMed

AIThe Gentlemen claims to have listed ErgoMed on its extortion site, per RansomLook; the listing is unverified.

Actor The Gentlemen 1 source
Records Undisclosed
Claim Critical Ransomware

Royal Thai Navy Housing Cooperative

AIThe Gentlemen group claims to have compromised the Royal Thai Navy Housing Cooperative, a Thai government entity. This is an unverified extortion listing.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

International Freight Services

AIThe Gentlemen claim to have compromised International Freight Services, according to an unverified listing on RansomLook.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

NTP B.V. Civil Engineering Construction

AIThe Aurora ransomware group claims to have listed Dutch construction firm NTP B.V. on its extortion site; the claim is currently unverified.

Actor Aurora 2 sources
Records Undisclosed
Claim High Ransomware

Keywest Projects

AIThe Gentlemen listed Keywest Projects on their extortion site, claiming to have breached the organization.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Union Tractor

AIThe CMD Organization claimed to have breached Union Tractor, an agriculture and food production company, and listed it on its extortion site.

Actor CMD Organization 2 sources
Records Undisclosed
Claim High Ransomware

Kochs GmbH

AIAurora claims to have breached the manufacturing company Kochs GmbH and lists it on its extortion site.

Actor Aurora 2 sources
Records Undisclosed
Claim High Ransomware

NationsBuilders Insurance Services

AIAurora claims to have data from NationsBuilders Insurance Services, a financial services firm, according to an extortion-site listing on Ransomware.live.

Actor Aurora 2 sources
Records Undisclosed
Claim High Ransomware

jaggroup.com UPDATE-FULL DATA DUMP

AIStormous claims to have posted an updated full data dump from jaggroup.com in an unverified extortion listing.

Actor Stormous 1 source
Records Undisclosed
Claim High Ransomware

Wall ISD

AICMD Organization claims to have listed Wall ISD, a US education entity, on its extortion site.

Actor CMD Organization 2 sources
Records Undisclosed
Claim High Ransomware

Belz Institutions

AIQilin claims to have listed Belz Institutions on RansomLook.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Tri-tec

AIQilin has listed Tri-tec on its extortion site, claiming to have breached the organization.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Taiwan Sintong Machinery Co., Ltd

AIQilin claims to have breached Taiwan Sintong Machinery Co., Ltd, a manufacturing firm, as listed on Ransomware.live.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Sivatel Bangkok

AIThe Qilin ransomware group claims to have compromised Sivatel Bangkok, a telecommunication firm, according to a listing on Ransomware.live.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Florida Engineering Services

AIQilin claims to have listed Florida Engineering Services, a construction firm

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

jktornel

AIINC Ransom claims to have breached jktornel, per a RansomLook extortion-site listing. The claim is unverified.

Actor INC Ransom 2 sources
Records Undisclosed
Claim High Ransomware

jaggroup.com UPDATE-FULL DATA DUMP

AIStormous claims to have listed a full data dump from jaggroup.com on Ransomware.live.

Actor Stormous 1 source
Records Undisclosed
Claim High Ransomware

Lockers IT

AINova claims to have breached Lockers IT, a technology company, according to an unverified listing on Ransomware.live.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

Artistic Smiles

AINightspire claims to have listed Artistic Smiles, a Consumer Services organization, on its extortion site. The claim is unverified.

Actor Nightspire 2 sources
Records Undisclosed
Claim High Ransomware

Nhà Thành Phố

AINhà Thành Phố was claimed as a victim by threat actor Nova on the RansomLook extortion site. This claim is unverified.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

DEADLINE MONDAY

AIIcarus claims to have breached DEADLINE MONDAY, as listed on RansomLook; the claim is unverified.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

Newspaper Media Group

AIINC Ransom claims to have breached Newspaper Media Group, a consumer services firm, according to a listing on Ransomware.live.

Actor INC Ransom 2 sources
Records Undisclosed
Claim High Ransomware

L'Archevque & Rivest Ltée

AIWorldLeaks claims to have listed L'Archevque & Rivest Ltée on its extortion site, but the claim is unverified.

Actor WorldLeaks 2 sources
Records Undisclosed
Claim High Ransomware

Editora Irmãos Vitale

AIThe Payload ransomware group claims to have breached Brazilian publisher Editora Irmãos Vitale, listing them on their extortion site.

Actor Payload 2 sources
Records Undisclosed
Claim High Ransomware

Preferred Properties

AIPayload has listed Preferred Properties on its extortion site, claiming to have breached the organization.

Actor Payload 2 sources
Records Undisclosed
Claim High Ransomware

Pacific Lamp & Supply

AIQilin claims to have breached Pacific Lamp & Supply, a manufacturing firm, and listed it on its extortion site (unverified).

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Super Finishing

AIWorldLeaks claims to have data from manufacturing firm Super Finishing.

Actor WorldLeaks 2 sources
Records Undisclosed
Claim High Ransomware

ENB Versicherungen | myenb.ch

AIPayload claims to have targeted financial services firm ENB Versicherungen (myenb.ch), as per an unverified extortion-site listing.

Actor Payload 2 sources
Records Undisclosed
Claim High Ransomware

Qualiflex Solutions | qualiflex.solutions

AIPayload ransomware group claims to have breached Qualiflex Solutions, a business services firm, as listed on Ransomware.live.

Actor Payload 2 sources
Records Undisclosed
Claim High Ransomware

Go2Joy (go2joy.vn)

AIRansomexx claims to have data from Go2Joy, a hospitality and tourism firm, per an unverified extortion listing on Ransomware.live.

Actor Ransomexx 2 sources
Records Undisclosed
Claim High Ransomware

Dosab

AINova ransomware group claims to have breached Dosab, a manufacturing company, according to an extortion listing on Ransomware.live.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

Hosab

AIThe ransomware group Nova claims to have breached business services firm Hosab, according to an unverified listing on Ransomware.live.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

MIT HJERTE

AIUnverified claim: Nova listed MIT HJERTE (healthcare) on its extortion site, claiming a breach.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

One Believing Interiors

AINova claims to have breached One Believing Interiors, a consumer services firm, according to an unverified extortion-site listing.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

Pinnacle Re-Tec

AICMD Organization claims to have breached Pinnacle Re-Tec, a business services company, listing them on their extortion site.

Actor CMD Organization 2 sources
Records Undisclosed
Claim High Ransomware

majorcineplex.com

AILockBit 5 claims to have breached majorcineplex.com, a hospitality and tourism firm, per an unverified extortion listing.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

parkviewtaipei.com

AILockBit 5 claims to have breached parkviewtaipei.com, a hospitality and tourism entity, as listed on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

ponce-benzo.com

AILockBit 5 claims to have breached ponce-benzo.com, as per an unverified extortion site listing on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

parampackaging.com

AILockBit 5 claims to have attacked parampackaging.com, a manufacturing firm, according to a listing on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

primelinkbio.com

AILockBit 5 claims to have listed healthcare organization primelinkbio.com on their extortion site, per Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

saico.co.th

AILockBit 5 claims to have compromised saico.co.th, a Business Services firm. The listing is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

sanatoriodelta.com

AILockBit 5 claims to have breached sanatoriodelta.com, a healthcare entity, according to an unverified listing on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

saude.mt.gov.br

AILockBit 5 listed saude.mt.gov.br (Public Sector) on its extortion site, claiming a breach. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

sparkinter.com

AILockBit 5 claims to have listed sparkinter.com, a Technology sector company, on its extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

teleton.org.hn

AILockBit 5 claims to have breached teleton.org.hn (healthcare), per an unverified listing on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

union-chemical.co.th

AILockBit 5 claims to have breached manufacturing company union-chemical.co.th, per a listing on its extortion site. [unverified]

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

venelectronics.com

AILockBit 5 claims to have listed venelectronics.com, a manufacturing company, on their ransomware extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

weinwurm.cc

AILockBit 5 claims to have listed weinwurm.cc on its extortion site, per Ransomware.live. This is an unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

nundungopee.mu

AILockBit 5 claims to have breached nundungopee.mu, per an unverified extortion listing on Ransomware.live.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

utb.edu.vn

AILockBit 5 claims to have targeted utb.edu.vn, listed on its extortion site as an unverified breach.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

hiddenn

AIThegentlemen listed hiddenn on their extortion site, claiming to have breached the organization.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Vera Chimie Management

AIThegentlemen claims to have listed manufacturing firm Vera Chimie Management on their extortion site via Ransomware.live, an unverified claim.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Alexander Buch Bilanzbuchhalter

AIAn unverified claim by Thegentlemen states they have listed Alexander Buch Bilanzbuchhalter (business services) on their extortion site.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

SGS Malaysia

AIThegentlemen claims to have breached SGS Malaysia, a business services firm, in an unverified extortion listing.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

TERRIO Therapy Fitness

AIThegentlemen claims to have data from TERRI

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Ty Thac Co

AIThegentlemen claims to have data from Ty Thac Co, as listed on Ransomware.live, but this is an unverified claim.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Amigest

AIThegentlemen has listed Amigest, an agriculture and food production company, on their extortion site, claiming a breach. This claim is unverified.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Yudu Technology

AIThegentlemen claims to have listed Yudu Technology on their extortion site; the claim is unverified according to Ransomware.live.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Burris MacOmber

AIThegentlemen claims to have listed Burris MacOmber (Business Services) on its extortion site, per Ransomware.live, an unverified claim.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Sertrans

AIThegentlemen claims to have listed transportation/logistics firm Sertrans on its extortion site; the claim is unverified.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Cofaq

AIThegentlemen claims to have breached Cofaq, as listed on Ransomware.live.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Al Khaja Holding

AIThegentlemen claims to have breached Al Khaja Holding, a business services firm, according to an unverified listing.

Actor Thegentlemen 1 source
Records Undisclosed
Claim High Ransomware

Southern design RV

AICMD Organization listed Southern design RV on its extortion site, claiming to have breached the consumer services firm. This claim is unverified.

Actor CMD Organization 2 sources
Records Undisclosed
Claim High Ransomware

Athens Orthopedic Clinic

AIThegentlemen claims to have breached Athens Orthopedic Clinic, a healthcare organization, according to an unverified extortion listing.

Actor Thegentlemen 1 source
Records Undisclosed
Confirmed Critical Data breach

JCPenney

In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign . Data allegedly obtained from JCPenney through the exploitation of a critical zero-day vulnerability in Oracle PeopleSoft was later publi…

Actor ShinyHunters 1 source
Records 368,418
Claim High Ransomware

aasa.ae

AIKrybit claims to have breached aasa.ae, per a listing on RansomLook, but this claim is unverified.

Actor Krybit 2 sources
Records Undisclosed
Claim High Ransomware

coemi.com.br

AIKrybit claims to have breached coemi.com.br, as listed on RansomLook's extortion site. This claim is unverified.

Actor Krybit 2 sources
Records Undisclosed
Claim High Ransomware

themintgaming.com

AIBrainCipher claims to have data from themintgaming.com, a consumer services firm, according to a listing on Ransomware.live. This claim is unverified.

Actor BrainCipher 2 sources
Records Undisclosed
Claim High Ransomware

www.mupras.com

AIThe Krybit group has listed the business services firm www.mupras.com on its extortion site, claiming to have breached its systems.

Actor Krybit 2 sources
Records Undisclosed
Claim High Ransomware

Athens Orthopedic Clinic

AIThe Gentlemen claims to have listed Athens Orthopedic Clinic on their extortion site.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Roth Industries

AIRoth Industries, a manufacturing firm, was listed on Qilin's extortion site, claiming to have breached their data.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Sparkle Pools

AIQilin claims to have breached Sparkle Pools, a Consumer Services firm, per an unverified extortion-site listing.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

mlit.com.my UPDATE-FULL DATA DUMP 10GB

AIStormous claims to have a 10GB data dump from public sector org mlit.com.my (listed on Ransomware.live). Unverified claim.

Actor Stormous 2 sources
Records Undisclosed
Claim High Ransomware

PJ Daly Contracting

AIThe Qilin ransomware group claims to have breached construction firm PJ Daly Contracting, listing them on their extortion site.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Desert Micro

AIExtortion group Nova claims to have breached Desert Micro, a technology company, according to a listing on Ransomware.live.

Actor Nova 2 sources
Records Undisclosed
Claim High Ransomware

Optimum First Mortgage

AIPear claims to have data from Optimum First Mortgage, listed on its extortion site. This claim is unverified.

Actor Pear 1 source
Records Undisclosed
Claim High Ransomware

Hagerman & Company

AIAurora claims to have breached Hagerman & Company (Business Services) in an unverified extortion site listing on Ransomware.live.

Actor Aurora 2 sources
Records Undisclosed
Claim High Ransomware

KTR Real Estate Advisors

AIAnubis claims to have compromised KTR Real Estate Advisors, a financial services firm, in an unverified extortion site listing.

Actor Anubis 2 sources
Records Undisclosed
Claim High Ransomware

ALS Global

AIAurora claims to have listed ALS Global on its extortion site (unverified).

Actor Aurora 1 source
Records Undisclosed
Claim High Ransomware

Klue.com

AIIcarus listed Klue.com on its extortion site, claiming to have breached the technology company.

Actor Icarus 2 sources
Records Undisclosed
Claim High Ransomware

icsecurity.com

AIShinyHunters claims to have breached icsecurity.com, as listed on the RansomLook extortion site. The claim is unverified.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

legendsmn(Blue Ox, Paul Bunyan, Lumberjack Electric)

AINightspire claims to have listed legendsmn (Blue Ox, Paul Bunyan, Lumberjack Electric) on its extortion site; the claim is unverified.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

dean cosmetic dentistry

AINightspire claims to have breached Dean Cosmetic Dentistry and listed it on its extortion site. This is an unverified claim.

Actor Nightspire 1 source
Records Undisclosed
Confirmed Critical Data breach

Ralph Lauren

In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters "pay or leak" extortion campaign . The group subsequently published hundreds of gigabytes of data they claimed was obtained from the organisation's Salesforce instance, including 140…

Actor Unknown 1 source
Records 139,903
Claim High Ransomware

ra-vogeler.de

AICloak listed ra-vogeler.de on its extortion site, claiming to have breached the German business services firm.

Actor Cloak 2 sources
Records Undisclosed
Confirmed Critical Data breach

Operation Endgame 4.0

On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation , a prolific malware distribution network used to compromise systems and facilitate further cybercrime. Coordinated by international law enforcement agencies wi…

Actor Unknown 1 source
Records 153,527
Claim High Ransomware

THL PROJECT MANAGEMENT SDN. BHD.

AIBusiness services firm THL PROJECT MANAGEMENT SDN. BHD. claims to have been breached by the Qilin ransomware group, as listed on Ransomware.live.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

Homes By J Anthony

AIQilin claims to have listed Homes By J Anthony (construction) on its extortion site; the claim is unverified.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

ATCOM Outsourcing

AIThe Qilin ransomware group claims to have listed ATCOM Outsourcing, a business services firm, on its extortion site

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

B & B Trading

AIThe Pear ransomware group claims to have listed B & B Trading on its extortion site, per an unverified RansomLook entry.

Actor Pear 1 source
Records Undisclosed
Claim High Ransomware

Release Marine, Inc.

AIRelease Marine, Inc. is listed by the Pear group on RansomLook as an unverified extortion claim.

Actor Pear 1 source
Records Undisclosed
Claim High Ransomware

Kirbor Homes

AIThreat actor Pear listed Kirbor Homes on its extortion site, claiming to have breached the organization, per RansomLook.

Actor Pear 1 source
Records Undisclosed
Claim High Ransomware

Skupina Don Don - GRUPO BIMBO

AIQilin claims to have listed Skupina Don Don - GRUPO BIMBO (Agriculture and Food Production) on its extortion site.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

icsecurity.com

AIShinyHunters listed technology

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

Berg Lilly

AIAkira claims to have breached Berg Lilly and listed the organization on its extortion site.

Actor Akira 2 sources
Records Undisclosed
Claim High Ransomware

hiidden

AIThe Gentlemen claims to have listed hiidden on its extortion site, per RansomLook. This is an unverified claim.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Lawson Roofing

AIRhysida claims an unverified breach of construction firm Lawson Roofing, per an extortion site listing

Actor Rhysida 2 sources
Records Undisclosed
Claim High Ransomware

Makel Companies Group

AIThe Qilin ransomware group claims to have listed construction firm Makel Companies Group on its extortion site. This claim is unverified.

Actor Qilin 2 sources
Records Undisclosed
Claim High Ransomware

SELECT WINES

AIThe Bravox ransomware group claims to have listed SELECT WINES, an agriculture and food production company, on its extortion site.

Actor Bravox 2 sources
Records Undisclosed
Claim High Ransomware

www.someco.com

AILynx has listed www.someco.com on their extortion site, claiming to have breached the organization.

Actor Lynx 2 sources
Records Undisclosed
Claim High Ransomware

Ty Thac Co

AIThe Gentlemen claims to have data from Ty Thac Co, per an extortion site listing tracked by RansomLook (unverified).

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Amigest

AIThe Gentlemen has listed Amigest as a victim on their extortion site (per RansomLook), claiming a breach.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Yudu Technology

AIThe Gentlemen listed Yudu Technology on their extortion site, claiming to have breached the organization.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Burris MacOmber

AIThe Gentlemen group claims to have listed Burris MacOmber on their extortion site, per RansomLook.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Sertrans

AIThe Gentlemen group claims to have listed Sertrans on its extortion site, as observed on RansomLook. This listing is unverified.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Cofaq

AIThe Gentlemen claims to have listed Cofaq on their extortion site, but this claim is unverified.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Al Khaja Holding

AIThe Gentlemen group claims to have breached Al Khaja Holding, based on an unverified RansomLook extortion-site listing.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

sweetome.com

AILockBit 5 claims to have data from sweetome.com, listed on RansomLook's extortion site. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

probat.ag

AILockBit 5 claims to have breached probat.ag, according to an unverified listing on RansomLook.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

delano.k12.mn.us

AILockBit 5 listed delano.k12.mn.us on an extortion site, claiming a breach, though the claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

eternal.hk

AILockBit 5 claims to have breached eternal.hk, according to an unverified claim on the RansomLook extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

5deagosto.com.br

AILockBit 5 claims to have listed 5deagosto.com.br on their extortion site, per RansomLook. Unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

abandw.com

AIRansomLook reports that LockBit 5 claims to have listed abandw.com on its extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

ag-360.ca

AILockBit 5 claims to have breached ag-360.ca, as listed on its extortion site (unverified).

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

elematic.com

AIThreat actor LockBit 5 claims to have listed elematic.com on its extortion site, according to RansomLook.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

amc.co.th

AILockBit 5 claims to have listed amc.co.th on its extortion site, according to RansomLook; an unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

casaandina.com.co

AILockBit 5 listed casaandina.com.co on its RansomLook extortion site, claiming a breach. This is an unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

bvi.co.bw

AILockBit 5 claims to have breached bvi.co.bw, listing it on their extortion site, according to RansomLook.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

comta.com.tw

AIAccording to RansomLook, LockBit 5 claims to have listed comta.com.tw on its extortion site. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

daikyonishikawa.co.jp

AILockBit 5 claims to have listed daikyonishikawa.co.jp on its extortion site as an unverified breach.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

rubbercompounding.com

AILockBit 5 claims to have listed rubbercompounding.com on the RansomLook extortion site. This is an unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

drwu.com

AILockBit 5 claims to have breached drwu.com, as listed on RansomLook. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

felizhotelboracay.com

AILockBit 5 listed felizhotelboracay.com on their extortion site, claiming to have data from the organization.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

greyhighschool.com

AILockBit 5 has listed greyhighschool.com on its extortion site, claiming to have breached the organization.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

idefeey.yucatan.gob.mx

AILockBit 5 claims to have compromised idefeey.yucatan.gob.mx, per an extortion-site listing on RansomLook.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

inspeqingenieria.com

AILockBit 5 claims to have listed inspeqingenieria.com on its extortion site, per RansomLook. This is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

majorcineplex.com

AILockBit 5 claims to have listed majorcineplex.com on its extortion site, per RansomLook. This is an unverified claim.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

parkviewtaipei.com

AILockBit 5 claims to have listed parkviewtaipei.com on its extortion site; the claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

ponce-benzo.com

AILockBit 5 claims to have breached ponce-benzo.com,

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

parampackaging.com

AILockBit 5 claims to have breached parampackaging.com, per a listing on RansomLook. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

primelinkbio.com

AIAccording to RansomLook, LockBit 5 claims to have listed primelinkbio.com on its extortion site. This claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

saico.co.th

AILockBit 5 claims to have listed saico.co.th on its extortion site, per RansomLook. This claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

sanatoriodelta.com

AILockBit 5 claims to have compromised sanatoriodelta.com, as per a listing on its extortion site. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

saude.mt.gov.br

AILockBit 5 claims to have listed saude.mt.gov.br on its extortion site, per RansomLook, though this is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

sparkinter.com

AILockBit 5 claims to have listed sparkinter.com on its extortion site. The claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

sra.nl

AILockBit

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

teleton.org.hn

AILockBit 5 claims to have listed teleton.org.hn on its extortion site per RansomLook; the claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

union-chemical.co.th

AILockBit 5 claims to have breached Union Chemical (union-chemical.co.th) and listed it on their extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

venelectronics.com

AILockBit 5 claims to have compromised venelectronics.com, as listed on a ransomware extortion site.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

weinwurm.cc

AILockBit 5 claims to have listed weinwurm.cc on its extortion site (RansomLook), but the claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

nundungopee.mu

AILockBit 5 claims to have listed nundungopee.mu on their extortion site; the claim is unverified.

Actor LockBit 5 1 source
Records Undisclosed
Claim High Ransomware

SGS Malaysia

AIThe Gentlemen group claims to have breached SGS Malaysia, according to an unverified extortion-site listing on RansomLook.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

TERRIO Therapy Fitness

AIAn unverified claim from the ransomware group The Gentlemen lists TERRIO Therapy Fitness on its extortion site.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Vera Chimie Management

AIThe Gentlemen claims to have listed Vera Chimie Management on their extortion site.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Alexander Buch Bilanzbuchhalter

AIThe Gentlemen has listed Alexander Buch Bilanzbuchhalter on its extortion site, claiming to have breached the organization.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

Apptricity

AIThe Akira ransomware group claims to have breached Apptricity, a business services company, as listed on its extortion site. The claim is unverified.

Actor Akira 2 sources
Records Undisclosed
Claim High Ransomware

www.eastersealsia.org

AILynx claims to have listed Eastersealsia (Healthcare) on its extortion site, per Ransomware.live. The claim is unverified.

Actor Lynx 2 sources
Records Undisclosed
Claim High Ransomware

United Personnel (a division of Masis Staffing Solutions)

AIUnverified claim: Genesis claims to have listed United Personnel (a division of Masis Staffing Solutions) on extortion site RansomLook.

Actor Genesis 1 source
Records Undisclosed
Claim High Ransomware

The Associated Builders and Contractors of Indiana/Kentucky

AIIn an unverified claim, Genesis listed The Associated Builders and Contractors of Indiana/Kentucky on its extortion site, claiming to possess data from the organization.

Actor Genesis 1 source
Records Undisclosed
Claim High Ransomware

Horizon Family Medical Group

AIINC Ransom claims to have breached Horizon Family Medical Group, a healthcare provider, as listed on its extortion site.

Actor INC Ransom 2 sources
Records Undisclosed
Claim High Ransomware

www.wolfconstruction.net

AILynx claims to have breached construction firm Wolf Construction (www.wolfconstruction.net). This is an unverified listing claim.

Actor Lynx 2 sources
Records Undisclosed
Claim High Ransomware

Amazon owned OneMedical.com

AIShinyHunters claims to have data from healthcare provider Amazon-owned OneMedical.com in an unverified listing on Ransomware.live.

Actor ShinyHunters 2 sources
Records Undisclosed
Claim High Ransomware

NAIC.org

AIShinyHunters claims to have listed NAIC.org, a business services organization, on its extortion site. The claim is unverified.

Actor ShinyHunters 2 sources
Records Undisclosed
Confirmed Critical Data breach

CFGI

In March 2026, the financial consulting and advisory firm CFGI was the target of a ShinyHunters "pay-or-leak" extortion campaign . The group subsequently publicised data allegedly obtained from CFGI comprising corporate contact information, including 243k u…

Actor Unknown 1 source
Records 248,235
Claim High Ransomware

neuwoges.de

AIINC Ransom claims to have listed neuwoges.de on its extortion site, per RansomLook; the claim is unverified.

Actor INC Ransom 2 sources
Records Undisclosed
Claim High Ransomware

seinordovest.it

AISafepay claims to have breached seinordovest.it, according to their extortion site listing; the claim is unverified.

Actor Safepay 2 sources
Records Undisclosed
Claim High Ransomware

Prince George County

AIRansomhouse claims to have breached Prince George County, as listed on RansomLook. This claim is unverified.

Actor Ransomhouse 1 source
Records Undisclosed
Claim High Ransomware

Greg Crosslin

AIPlay ransomware group claims to have listed Greg Crosslin on its extortion site; the claim is unverified.

Actor Play 2 sources
Records Undisclosed
Claim High Ransomware

harcourts.net

AIHarcourts.net, a Consumer Services organization, was claimed to be listed by the Safepay group on their extortion site.

Actor Safepay 2 sources
Records Undisclosed
Claim High Ransomware

zaunsysteme.de

AISafepay claims to have breached zaunsysteme.de, a manufacturing firm, in an unverified extortion site listing.

Actor Safepay 2 sources
Records Undisclosed
Claim High Ransomware

brscappuccio.it

AISafepay claims to have breached brscappuccio.it, a Consumer Services organization, according to a listing on its extortion site (Ransomware.live). This is an unverified claim.

Actor Safepay 2 sources
Records Undisclosed
Claim High Ransomware

gut-heckenhof.de

AISafepay listed gut-heckenhof.de, an organization in agriculture and food production, on its extortion site in an unverified claim.

Actor Safepay 2 sources
Records Undisclosed
Claim High Ransomware

Great Foods

AIThe Lamashtu group claims to have breached Great Foods, an agriculture and food production company, as listed on its extortion site.

Actor Lamashtu 2 sources
Records Undisclosed
Claim High Ransomware

Integrated Technologies

AIThe Play ransomware group claims to have breached Integrated Technologies and listed it on its extortion site. This claim is unverified.

Actor Play 2 sources
Records Undisclosed
Claim High Ransomware

eurOptimum

AIPlay ransomware group listed technology company eurOptimum on its extortion site, claiming a breach.

Actor Play 2 sources
Records Undisclosed
Claim High Ransomware

Smith Filter

AIAkira claims to have listed Smith Filter on their extortion site.

Actor Akira 1 source
Records Undisclosed
Claim High Ransomware

Chebib Control

AISpace Bears claims to have listed Chebib Control as a victim in an extortion-site listing, an unverified claim.

Actor Space Bears 1 source
Records Undisclosed
Claim High Ransomware

www.courdescomptes.sn

AIKrybit claims to have breached courdescomptes.sn per a RansomLook extortion listing. The claim is unverified.

Actor Krybit 1 source
Records Undisclosed
Claim High Ransomware

MHE9 Logística Ltda

AIGunra claims to have listed MHE9 Logística Ltda on its extortion site (RansomLook); the claim is unverified.

Actor Gunra 1 source
Records Undisclosed
Claim High Ransomware

Suárez&Clavera

AIGunra claims to have listed Suárez&Clavera on its extortion site, per an unverified RansomLook listing.

Actor Gunra 1 source
Records Undisclosed
Claim High Ransomware

ersa.com.py

AIRansomware group Krybit claims to have listed manufacturing firm ersa.com.py on its extortion site, per Ransomware.live. The claim is unverified.

Actor Krybit 2 sources
Records Undisclosed
Claim High Ransomware

Gerencial

AISpace Bears claims to have breached Gerencial, as listed on a ransomware extortion site.

Actor Space Bears 1 source
Records Undisclosed
Claim High Ransomware

Promepla

AIRansomhouse claims to have listed Promepla on its extortion site, according to RansomLook. This is an unverified claim.

Actor Ransomhouse 1 source
Records Undisclosed
Claim High Ransomware

jasperplastics.info

AIINC Ransom claims to have compromised jasperplastics.info, according to an unverified extortion-site listing tracked by RansomLook.

Actor INC Ransom 1 source
Records Undisclosed
Claim High Ransomware

Ralph Lauren

AIShinyHunters claims to have breached Ralph Lauren and listed the organization on their extortion site.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

framesiprofessional.com

AIINC Ransom listed framesiprofessional.com on its extortion site, claiming a breach. The claim is unverified.

Actor INC Ransom 1 source
Records Undisclosed
Claim High Ransomware

TINYpulse NINTENDO BREACH (nintendo.com)

A post was observed on extortion infrastructure associated with Shadowbyt3$. Impact and scope remain unconfirmed.

Actor Shadowbyt3$ 1 source
Records Undisclosed
Claim High Ransomware

Novo Nordisk

AIFulcrumsec claims to have listed Novo Nordisk on RansomLook; the claim is unverified.

Actor Fulcrumsec 1 source
Records Undisclosed
Claim High Ransomware

Tecfi SpA

AIRansomware group Dragonforce claims to have compromised Tecfi SpA, as listed on an extortion site.

Actor Dragonforce 1 source
Records Undisclosed
Claim High Ransomware

Allan Brothers Fruit

AIThe Aurora ransomware group claims to have listed Allan Brothers Fruit on its extortion site, per an unverified RansomLook listing.

Actor Aurora 1 source
Records Undisclosed
Claim High Ransomware

Diamond Truck Centres

AIThreat actor Aurora claims to have listed Diamond Truck Centres on its extortion site, per RansomLook, in an unverified claim.

Actor Aurora 1 source
Records Undisclosed
Claim High Ransomware

Sumitomo Electric Bordnetze

AIAurora claims to have breached Sumitomo Electric Bordnetze, per an unverified extortion-site listing on RansomLook.

Actor Aurora 1 source
Records Undisclosed
Claim High Ransomware

Insite Architects

AIAkira claims to have listed Insite Architects on its extortion site, according to RansomLook.

Actor Akira 1 source
Records Undisclosed
Claim High Ransomware

Golfview Developmental Center

AIQilin claims to have compromised Golfview Developmental Center, listing the organization on its extortion site (unverified claim).

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Sunass

AIAccording to RansomLook, Nova has listed Sunass on its extortion site in an unverified claim.

Actor Nova 1 source
Records Undisclosed
Claim High Ransomware

Central Texas ***** *****

AINightspire has listed an unverified claim on RansomLook against an organization described as 'Central Texas ***** *****'.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

Ri***** Co**** Europe S.r.l.

AINightspire claims to have breached Ri***** Co**** Europe S.r.l., listed on RansomLook. This claim is unverified.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

ra-*******e

AIRansomLook reports that Cloak claims to have listed organization ra-*******e on their extortion site. This claim is unverified.

Actor Cloak 1 source
Records Undisclosed
Claim High Ransomware

d**********e

AICloak claims to have listed d**********e on RansomLook in an unverified extortion claim.

Actor Cloak 1 source
Records Undisclosed
Claim High Ransomware

W******S*******D

AICloak claims to have breached W******S*******D, as listed on RansomLook. This claim is unverified.

Actor Cloak 1 source
Records Undisclosed
Claim High Ransomware

Guy E******* & F*******, P.A

AINightspire claims to have listed Guy E******* & F*******, P.A on its extortion site, per RansomLook (unverified).

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

thecreditpros.com

AIIcarus group claims to have listed thecreditpros.com on its extortion site, as reported by RansomLook.

Actor Icarus 1 source
Records Undisclosed
Claim High Ransomware

Notice

AIDeadlock claims to have listed Notice on its extortion site per RansomLook, though the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

SPORTON International Inc.

AIPayload claims to have breached SPORTON International Inc. and listed the organization on its extortion site. The claim is unverified.

Actor Payload 1 source
Records Undisclosed
Claim High Ransomware

ECOVACS

AISpace Bears claims to have breached ECOVACS, according to a listing on the RansomLook extortion site.

Actor Space Bears 1 source
Records Undisclosed
Claim High Ransomware

Q Link Wireless

AIQilin claims to have listed Q Link Wireless on its extortion site.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Misericórdia de Santo Tirso

AIUnverified claim: Qilin claims to have listed Misericórdia de Santo Tirso on their extortion site.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Kedah

AIThe Nova group claims to have compromised Kedah, according to an unverified extortion-site listing tracked by RansomLook.

Actor Nova 1 source
Records Undisclosed
Claim High Ransomware

icc.edu

AIShinyHunters listed icc.edu on their extortion site, claiming a breach. This claim is unverified.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

moody.edu

AIShinyHunters claims to have breached moody.edu, listed on its extortion site (unverified).

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

glendale.edu

AIShinyHunters claims to have listed glendale.edu on RansomLook, an extortion-site listing. The claim is unverified.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

3

AIINC Ransom has listed Organization 3 on its extortion site, according to RansomLook. This claim is unverified.

Actor INC Ransom 1 source
Records Undisclosed
Claim High Ransomware

****** Agency

AIThe Gentlemen claims to have breached an agency, in an unverified extortion-site listing on RansomLook.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

hughstirling.co.uk

A post was observed on extortion infrastructure associated with Safepay. Impact and scope remain unconfirmed.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

tokyocivil.co.jp

AISafepay claims to have data from tokyocivil.co.jp, listing it on its extortion site. The claim is unverified.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

kawaius.com

AIThreat actor Safepay has listed kawaius.com on RansomLook, claiming to have attacked the organization. The listing is unverified.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

musenet.co.jp

AISafepay claims to have listed musenet.co.jp on its extortion site, per RansomLook; this is an unverified claim.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

bautz-maschinenbau.de

AISafepay listed bautz-maschinenbau.de on its extortion site, claiming to have breached it. The claim is unverified.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

aquaclean.com

AISafepay claims to have listed aquaclean.com on its extortion site; the claim is unverified.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

hoodriversheriff.com

AISafepay listed hoodriversheriff.com on its extortion site, claiming to have breached the organization. The claim is unverified.

Actor Safepay 1 source
Records Undisclosed
Claim High Ransomware

B****S I******t***l

AINightspire has listed B****S I******t***l on its extortion site, according to RansomLook; the claim is unverified.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

Sheraton Miramar Resort El Gouna

AIThe Nightspire group claims to have listed Sheraton Miramar Resort El Gouna on its extortion site, though the claim is unverified.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

G**** R****l*e

AINightspire claims to have breached organization G**** R****l*e, as listed on RansomLook. The claim is unverified.

Actor Nightspire 1 source
Records Undisclosed
Claim High Ransomware

CUI Agency

AIThe Gentlemen claims to have listed CUI Agency on its extortion site, per RansomLook.

Actor The Gentlemen 1 source
Records Undisclosed
Claim High Ransomware

anglomoil.com

AIBrain Cipher claimed to have breached anglomoil.com, listing the company on their extortion site. The claim is unverified.

Actor Brain Cipher 1 source
Records Undisclosed
Claim High Ransomware

alu-rex.com

AIBrain Cipher claims to have listed alu-rex.com on its extortion site, as reported by RansomLook.

Actor Brain Cipher 1 source
Records Undisclosed
Claim High Ransomware

Grupo Indi

AIThe ransomware group Qilin claims to have listed Grupo Indi on its extortion site. This claim is unverified.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Can Healthcare Group

AIQilin claims to have listed Can Healthcare Group on its extortion site, per RansomLook.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

Cng Ty Cp T Vn Xd Tng Hp

AIQilin claims to have data from Cng Ty Cp T Vn Xd Tng Hp in an extortion-site listing on RansomLook, but the claim is unverified.

Actor Qilin 1 source
Records Undisclosed
Claim High Ransomware

MAVA Healthcare

AIThe ransomware group Qilin has listed MAVA Healthcare on its extortion site, claiming to have stolen data from the organization.

Actor Qilin 1 source
Records Undisclosed
Confirmed Critical Data breach

June 2026 Stealer Logs

In June 2026, a collection of accumulated stealer logs from various sources was added to HIBP. The corpus comprised 56M unique email addresses across hundreds of millions of stealer log records. The data also contained 124M unique passwords, which have been…

Actor Unknown 1 source
Records 56.3M
Claim High Ransomware

KoMiCo

AIAnubis claims to have listed KoMiCo on their extortion site, per RansomLook, though the claim remains unverified.

Actor Anubis 1 source
Records Undisclosed
Claim High Ransomware

W****e

AIPayoutsking claims to have listed W****e on its extortion site, per RansomLook. This claim is unverified.

Actor Payoutsking 1 source
Records Undisclosed
Claim High Ransomware

Zhangjiagang Fortune Chemical Co. Ltd. Singapore

AIDeadlock listed Zhangjiagang Fortune Chemical Co. Ltd. Singapore on its extortion site. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Summa4

AIDeadlock claims to have breached Summa4, as listed on RansomLook. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Hornavan Hotell

AIDeadlock claims to have listed Hornavan Hotell on its extortion site, per RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

TeleFinity

AIDeadlock claims to have breached TeleFinity, according to an unverified listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

donjon

AIDeadlock claims to have listed donjon on its extortion site. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

CH Paper

AIDeadlock claims to have listed CH Paper on RansomLook's extortion site, though the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Nobani Co

AIDeadlock claims to have breached Nobani Co, as listed on RansomLook extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Fidelity Pension Managers

A post was observed on extortion infrastructure associated with Deadlock. Impact and scope remain unconfirmed.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

CAD93

AIDeadlock claims to have compromised CAD93, according to a listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

SECiL

AIDeadlock claims to have listed SECiL on its RansomLook extortion site. The listing is an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Direção Estacionamentos S.A.

AIAccording to RansomLook, Deadlock listed an unverified claim against

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

EDISA and INVERTIGE

AIDeadlock claims to have listed EDISA and INVERTIGE on its extortion site, per RansomLook; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Breda Energia

AIDeadlock claims to have breached Breda Energia, according to an unverified extortion-site listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Muzeum Valassko

AIDeadlock listed Muzeum Valassko on its extortion site, claiming to have data from the organization. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

bERS

AIDeadlock claims to have breached bERS, according to an extortion-site listing on RansomLook (unverified claim).

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

NXIT and Franco Vago S.p.a. and Traconf Srl

AIDeadlock claims to have listed NXIT, Franco Vago S.p.a., and Traconf Srl on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

AFWorkshop

AIDeadlock claims to have listed AFWorkshop on its extortion site (RansomLook).

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Finam Gabon

AIDeadlock claims to have breached Finam Gabon. The extortion-site listing, tracked by RansomLook, is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

iASK

AIThe Deadlock group claims to have listed iASK on its extortion site, according to RansomLook. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Noega and Esnova

AIDeadlock claims to have listed data from Noega and Esnova on its extortion site, according to RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

IFC Eur

AIDeadlock claims to have breached IFC Eur, listing the organization on its RansomLook extortion site. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

TPToys

AIDeadlock claims to have listed TPToys on its extortion site, according to RansomLook; this claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

EXPRESOKNA SP. Z O.O.

AIDeadlock claims to have breached EXPRESOKNA SP. Z O.O., as listed on its extortion site. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Bär Cargolift Polska Sp. z o.o.

AIDeadlock claims to have listed Bär Cargolift Polska Sp. z o.o. on its RansomLook extortion site; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Grupolider | Grupo Actual

AIDeadlock listed Grupolider | Grupo Actual on its extortion site (RansomLook), though the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Dyhrberg AG Switzerland

AIDeadlock listed Dyhrberg AG Switzerland on its extortion site; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

8.2 Group e.V.

AIDeadlock has listed 8.2 Group e.V. on RansomLook, claiming to have its data in an unverified extortion site listing.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Integra and Operosa

AIDeadlock claims to have breached Integra and Operosa, per an unverified extortion-site listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

JOSO

AIDeadlock listed JOSO on its extortion site, claiming to have breached the organization.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

GEOPARTNER Sp. z o.o. and GEOPARTNER GEOMATICS Sp. z o.o.

AIDeadlock claims to have listed GEOPARTNER Sp. z o.o. and GEOPARTNER GEOMATICS Sp. z o.o. on its extortion site, an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

FIRESTA

AIDeadlock claims to have breached FIRESTA, according to an unverified extortion listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

UFL

AIDeadlock claims to have breached UFL, listing the organization on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Picassent

AIDeadlock has claimed to breach Picassent, listing the organization on its extortion site. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Starconn

AIDeadlock claims to have compromised Starconn, according to a listing on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

EFCA

AIAccording to RansomLook, the Deadlock group claims to have listed EFCA on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

AKSV

AIDeadlock claims to have listed AKSV on its extortion site, per RansomLook; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Bridgeport S.p.A.

AIDeadlock claims to have listed Bridgeport S.p.A. on RansomLook; the

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

SH Hoteles (Spain)

AIDeadlock claims to have listed SH Hoteles (Spain) on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Bombas Ideal

AIDeadlock claims to have listed Bombas Ideal on its extortion site, according to RansomLook. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Ring Textile Production RTP SRL

AIDeadlock claims to have listed Ring Textile Production RTP SRL on its extortion site, according to RansomLook (unverified claim).

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

ADM Value Barcelona

AIDeadlock claims to have listed ADM Value Barcelona on its extortion site. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Consulting Valladolid

AIDeadlock listed Consulting Valladolid on its RansomLook extortion site, claiming an attack; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

ONE Contact

AIDeadlock claims to have compromised ONE Contact, according to an unverified extortion-site listing on RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Elmoris

AIRansomware group Deadlock claims to have breached Elmoris, according to a listing on RansomLook. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Gerusia S.L.

AIDeadlock has listed Gerusia S.L. on its extortion site, an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Maxplast AND Senoco

AIDeadlock listed Maxplast and Senoco on its extortion site, claiming to have breached them.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Grupo Mercurio

AIDeadlock claims to have listed Grupo Mercurio on its extortion site, as reported by RansomLook. This remains an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Zaffrani Srl

AIDeadlock claims to have listed Zaffrani Srl on its extortion site; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Eko-Flor Plus d.o.o.

AIDeadlock claims to have listed Eko-Flor Plus d.o.o. on its extortion site; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

VBW Makelaars and Taxateurs

AIDeadlock claims to have listed VBW Makelaars and Taxateurs on its extortion site, per RansomLook. This is an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Industrie Tecnologiche it

AIDeadlock has listed Industrie Tecnologiche it on its extortion site, claiming to have breached the organization.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

LIVISTO

AIDeadlock claims to have listed LIVISTO on its extortion site, according to RansomLook; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Anidaport - Investimentos Imobiliários Lda., Lisbon, Portugal

AIDeadlock claims to have leaked data from Anidaport - Investimentos Imobiliários Lda., listing the Portuguese firm on its extortion site (unverified).

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Optimal Care SA

AIDeadlock claims to have breached Optimal Care SA and listed it on its extortion site (source: RansomLook). Unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

BARCELONA URBAN PROPERTY CHAMBER

AIDeadlock claims to have listed the Barcelona Urban Property Chamber.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Židlochovice city

AIDeadlock listed Židlochovice city on RansomLook, claiming an intrusion. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Werken Química Brasil S.A.

AIDeadlock claims to have breached Werken Química Brasil S.A., listing them on their extortion site. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Güven Mühendislik Makina

AIDeadlock claims to have breached Güven Mühendislik Makina, as listed on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Abhay Prabhavana

AIDeadlock has listed Abhay Prabhavana on their extortion site, per RansomLook; the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Quetzal Química

AIDeadlock ransomware group claims to have compromised Quetzal Química, listing them on their extortion site. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

CIATI

AIDeadlock claims to have breached CIATI, listing the organization on its extortion site RansomLook, but the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

ACU - The Automobile Club of Uruguay

AIDeadlock claims to have breached ACU - The Automobile Club of Uruguay, with the organization listed on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

DOCTUS USA Inc

AIDeadlock group claims to have data from DOCTUS USA Inc, as listed on RansomLook extortion site (unverified).

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

WH Müller

AIDeadlock claims to have breached WH Müller and listed the organization on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Grupo Vanguardia

AIDeadlock claims to have listed Grupo Vanguardia on their extortion site, according to RansomLook.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

WiBeats S.r.l.

AIDeadlock claims to have listed WiBeats S.r.l. on its extortion site.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Schlenker and Cantwell, P.A.

AIDeadlock claims to have listed Schlenker and Cantwell, P.A., but the claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

LA SEVILLANITA SRL

AIDeadlock has listed LA SEVILLANITA SRL on its extortion site, claiming to have data from the organization. This is an unverified claim.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

The Morton Grove Park District

AIDeadlock claims to have compromised the Morton Grove Park District, according to a listing on RansomLook. The claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Weinberg ''93 Építő Kft.

AIThe Deadlock group claims to have listed Weinberg ''93 Építő Kft. on its extortion site, per RansomLook. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Catcorp

AIDeadlock claims to have listed Catcorp on its extortion site, as reported by RansomLook. This claim is unverified.

Actor Deadlock 1 source
Records Undisclosed
Claim High Ransomware

Röben Tonbaustoffe GmbH

AIAilock claims to have listed Röben Tonbaustoffe GmbH on its extortion site. This claim is unverified.

Actor Ailock 1 source
Records Undisclosed
Claim High Ransomware

hccs.edu

AIShinyHunters claims to have breached hccs.edu, as listed on their extortion site and tracked by RansomLook.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

kodak.com

AIShinyHunters claims to have listed kodak.com on RansomLook, an extortion-site listing, as an unverified breach.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

Deep Well Services

A post was observed on extortion infrastructure associated with Shinyhunters. Impact and scope remain unconfirmed.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

Sysco Corporation

A post was observed on extortion infrastructure associated with Shinyhunters. Impact and scope remain unconfirmed.

Actor ShinyHunters 1 source
Records Undisclosed
Claim High Ransomware

Bd

AIThreat actor Bavacai claims to have listed organization Bd on their extortion site. This claim is unverified.

Actor Bavacai 1 source
Records Undisclosed
Confirmed Critical Data breach

Berkadia

In March 2026, the commercial real estate finance company Berkadia was the target of a ShinyHunters "pay or leak" extortion campaign . The group subsequently published data they alleged was taken from Berkadia's Salesforce instance, including over 300k uniq…

Actor Unknown 1 source
Records 305,216
Confirmed Critical Data breach

Infinite Campus

In March 2026, the student information system Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign . The group subsequently published data they alleged was taken from Infinite Campus, containing 137k unique email addresses along w…

Actor Unknown 1 source
Records 137,123
Confirmed Critical Data breach

University of Nottingham

In June 2026, the University of Nottingham was the target of a cyber attack , later linked to a ShinyHunters "pay or leak" extortion campaign. Tens of gigabytes of data were subsequently published online and included 455k unique email addresses along with e…

Actor Unknown 1 source
Records 454,635
Confirmed Critical Data breach

Baker Distributing

In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site . In early June, the group publicly published data they claimed had been obtained from Baker's SharePoint and Sa…

Actor Unknown 1 source
Records 102,935
Confirmed Critical Data breach

BCD Travel

In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign . Data allegedly obtained from BCD was subsequently published publicly in early June and contained 396k unique email…

Actor Unknown 1 source
Records 396,313
Confirmed Critical Data breach

DentaQuest

In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly obtained from the company. The data included 2…

Actor Unknown 1 source
Records 2.6M
Confirmed Critical Data breach

Edmunds

In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached . Data purportedly obtained in the incident was later published publicly and included 178k unique email addresses…

Actor Unknown 1 source
Records 177,860
Confirmed High Data breach

Atlas Menu

In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository. The incident exposed 64k unique email addresse…

Actor Unknown 1 source
Records 63,926
Confirmed Critical Data breach

Charter

In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group later published the data, wh…

Actor Unknown 1 source
Records 4.9M
Confirmed Critical Data breach

Kemper

In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign . The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part o…

Actor Unknown 1 source
Records 269,299
Confirmed High Data breach

Mytheresa

In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group . After the ransom deadline passed, the group publicly released the data which contained 84k unique email addresses. The…

Actor Unknown 1 source
Records 84,108
Confirmed Critical Data breach

Ameriprise

In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environme…

Actor Unknown 1 source
Records 502,597
Confirmed Critical Data breach

7-Eleven

In April 2026, 7-Eleven was the victim of a "pay or leak" extortion campaign by ShinyHunters , with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone numbers…

Actor Unknown 1 source
Records 185,256
380 results