An operational map of data leaks, extortion, and public exposure, with a confidence level on every signal.
Updated just now · 399 events · Toronto time
https://www.reynellaec.sa.edu.au/ Reynella East College is an innovative educational institution offering a comprehensive curriculum for students from preschool to 12th grade. However, the school failed to adequately protect the privacy of its students and …
AIThe threat actor Nova claims to have compromised technology organization Cloudquantum, per an unverified listing on Ransomware.live.
Gov.br — this is the official state digital platform and domain zone of the Brazilian Federal G...
AIApt73 claims to have breached kliknklik.com, a consumer services firm, according to an unverified listing on Ransomware.live.
AIAkira ransomware group claims to have data from Leo International, according to an extortion site listing. This claim is unverified.
AIAkira has listed IH Engineers, a manufacturing firm, on its extortion site claiming a breach.
AIIcarus claims to have listed an organization (initial H*) on its extortion site, per Ransomware.live; this is an unverified claim.
AIThe Icarus ransomware group claims to have compromised organization G* in an unverified extortion site listing.
AIIcarus claims to have breached an organization identified as C*, according to a listing on Ransomware.live. This claim is unverified.
AIThreat actor Apt73 claims to have data from Vienna Airport (Transport/Logistics) in an unverified extortion listing.
AINova group claims to have breached FTL-Fast Transit Line, a transportation/logistics company, per an extortion site listing (unverified).
AIAurora claims to have attacked Corporación Primax S.A., according to an unverified extortion-site listing tracked by Ransomware.live.
AIChaos claims to have breached randa.net, as listed on its extortion site. This claim is unverified.
AIINC Ransom claims to have listed belpointeasset.com and belpointe.com on its extortion site, according to RansomLook; this is an unverified claim.
AIRansomhouse claims to have listed Karl Chevrolet on its extortion site; this is an unverified claim per RansomLook.
Historical breach catalogued by RansomLook: cocacolaep.com exposing 13,370,207 records (2 G), originally indexed 2026-06-03.
AIINC Ransom has listed Financial Services firm belpointeasset.com / belpointe.com on its extortion site, an unverified claim.
AIQilin claims to have breached construction firm Schumacher Homes, according to a listing on Ransomware.live.
AIIcarus claims to have breached technology firm Huntress, per an unverified extortion listing on ransomware.live.
AIIcarus claims to have listed HDS (Hdscorp) on Ransomware.live's extortion site; the listing is unverified.
AIIcarus claims to have compromised Gms-net, a technology firm, in an unverified listing on Ransomware.live.
AIIcarus claims to have listed Cqcrm, a business services firm, on the Ransomware.live extortion site. The claim is unverified.
AIIcarus claims to have data from Cbassociations, a business services firm, as listed on their extortion site.
AICMD Organization claims to have breached EON Meditech Pvt, a healthcare company, per an unverified listing on Ransomware.live.
AIChaos claims to have breached manufacturing firm graymont.com, listing it on its extortion site. The claim is unverified.
AIBrainCipher claims to have data from eggetttax.ca, an agriculture and food production organization, per a listing on Ransomware.live. This claim is unverified.
AIBrainCipher claims to have breached sterlinggloballtd.com, listing the business services firm on its extortion site.
Historical breach catalogued by RansomLook: sisacloud.com exposing 992,887 records (148.68 M), originally indexed 2026-06-03.
Historical breach catalogued by RansomLook: cocacolaep.com exposing 13,370,207 records (2 G), originally indexed 2026-06-03.
Historical breach catalogued by RansomLook: urssaf.fr exposing 689,415 records (152.59 M), originally indexed 2026-06-03.
Historical breach catalogued by RansomLook: ultracube-mc exposing 734 records (159.27 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: starblast-mc exposing 22,917 records (8.33 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: velenhq-mc exposing 207 records (42.26 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: destinypvp-mc exposing 2,596 records (408.13 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: heavennetwork-mc exposing 1,358 records (387.06 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: averfight-mc exposing 2,008 records (777.62 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: andaria-mc exposing 6,748 records (1.41 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: darkfight-mc exposing 638 records (244.12 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: snkmcfr-maria-mc exposing 11,636 records (1.82 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: funcloud-mc exposing 256,141 records (36.99 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: venaria-mc exposing 1,654 records (348.92 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: freegen-mc exposing 9,712 records (4.38 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: odeliamc-mc exposing 6,322 records (1.1 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: taliaxcold-mc exposing 4,948 records (887.47 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: sparksmc-mc exposing 3,224 records (684.41 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: seasonsky-mc exposing 2,192 records (468.47 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: nostalgiamc-mc exposing 2,895 records (517.48 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: hardfight-mc exposing 2,044 records (784.97 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: nerdland-mc exposing 35,929 records (5.82 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: oneblock-mc exposing 14,018 records (2.38 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: xeonzia-mc exposing 1,110 records (681.62 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: stormfight-mc exposing 3,699 records (1.39 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: ytalliumnetwork-mc exposing 985 records (173.44 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: allforonesurvival-mc exposing 3,272 records (599.57 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: pixworld-mc exposing 5,592 records (1.14 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: pixelax-mc exposing 8,173 records (2.17 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: skylord-mc exposing 1,244 records (272.99 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: snkmcfr-shina-mc exposing 7,305 records (1.2 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: elitios-mc exposing 695 records (124.39 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: wizardmc-mc exposing 2,400 records (498.92 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: voltclicker-mc exposing 582 records (294.24 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: over2craft-mc exposing 4,379 records (941.11 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: legacyfight-mc exposing 5,178 records (894.01 K), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: soleriamc-mc exposing 15,007 records (2.92 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: ironcraft-mc exposing 7,185 records (3.49 M), originally indexed 2026-05-26.
Historical breach catalogued by RansomLook: energyfight-mc exposing 2,309 records (1.45 M), originally indexed 2026-05-26.
AIPrinz Eugen claims to have listed NEW PRINZ EUGEN SITE on its extortion site. The claim is unverified.
AIThe Akira ransomware group claims to have breached Ntd Apparel, a Consumer Services firm, per an unverified listing on Ransomware.live.
AIAccording to RansomLook, Wallstreet claims to have listed Omax Autos on its extortion site. This claim is unverified.
AIQilin claims to have listed the Central Bank of Libya on its extortion site, per RansomLook; this claim is unverified.
AIThe Gentlemen group claims to have listed MBO GmbH on its extortion site.
AIDragonforce claims to have listed bits-pilani.ac.in (Education) on its extortion site. The claim is unverified.
AIDragonforce claims to have listed mihana-v.com on their extortion site, according to Ransomware.live (unverified claim).
AIThe Gentlemen listed CTM India Limited (motherson INDIA) on its extortion site, claiming to have breached the organization. This is an unverified claim.
AIThe Gentlemen claims to have listed CTM India Limited, a manufacturing firm in India, on their extortion site.
AIThe Gentlemen claims to have listed GIA Partners on its extortion site, per RansomLook. This is an unverified claim.
AIThe Gentlemen claims to have listed Hooke Laboratories on its extortion site, per RansomLook, but this is unverified.
AIThe Gentlemen claims to have listed Rowley Properties on its extortion site; the claim is unverified.
AIThe Gentlemen group claims to have breached Canada Wide Media, a Canadian media company, according to a RansomLook extortion-site listing.
AIThe Gentlemen claims to have listed ErgoMed on its extortion site, per RansomLook; the listing is unverified.
AIThe Gentlemen group claims to have compromised the Royal Thai Navy Housing Cooperative, a Thai government entity. This is an unverified extortion listing.
AIThe Gentlemen claim to have compromised International Freight Services, according to an unverified listing on RansomLook.
AIThe Aurora ransomware group claims to have listed Dutch construction firm NTP B.V. on its extortion site; the claim is currently unverified.
AIThe Gentlemen listed Keywest Projects on their extortion site, claiming to have breached the organization.
AIThe CMD Organization claimed to have breached Union Tractor, an agriculture and food production company, and listed it on its extortion site.
AIAurora claims to have breached the manufacturing company Kochs GmbH and lists it on its extortion site.
AIAurora claims to have data from NationsBuilders Insurance Services, a financial services firm, according to an extortion-site listing on Ransomware.live.
AIStormous claims to have posted an updated full data dump from jaggroup.com in an unverified extortion listing.
AICMD Organization claims to have listed Wall ISD, a US education entity, on its extortion site.
AIQilin claims to have listed Belz Institutions on RansomLook.
AIQilin has listed Tri-tec on its extortion site, claiming to have breached the organization.
AIQilin claims to have breached Taiwan Sintong Machinery Co., Ltd, a manufacturing firm, as listed on Ransomware.live.
AIThe Qilin ransomware group claims to have compromised Sivatel Bangkok, a telecommunication firm, according to a listing on Ransomware.live.
AIQilin claims to have listed Florida Engineering Services, a construction firm
AIINC Ransom claims to have breached jktornel, per a RansomLook extortion-site listing. The claim is unverified.
AIStormous claims to have listed a full data dump from jaggroup.com on Ransomware.live.
AINova claims to have breached Lockers IT, a technology company, according to an unverified listing on Ransomware.live.
AINightspire claims to have listed Artistic Smiles, a Consumer Services organization, on its extortion site. The claim is unverified.
AINhà Thành Phố was claimed as a victim by threat actor Nova on the RansomLook extortion site. This claim is unverified.
AIIcarus claims to have breached DEADLINE MONDAY, as listed on RansomLook; the claim is unverified.
AIINC Ransom claims to have breached Newspaper Media Group, a consumer services firm, according to a listing on Ransomware.live.
AIWorldLeaks claims to have listed L'Archevque & Rivest Ltée on its extortion site, but the claim is unverified.
AIThe Payload ransomware group claims to have breached Brazilian publisher Editora Irmãos Vitale, listing them on their extortion site.
AIPayload has listed Preferred Properties on its extortion site, claiming to have breached the organization.
AIQilin claims to have breached Pacific Lamp & Supply, a manufacturing firm, and listed it on its extortion site (unverified).
AIWorldLeaks claims to have data from manufacturing firm Super Finishing.
AIPayload claims to have targeted financial services firm ENB Versicherungen (myenb.ch), as per an unverified extortion-site listing.
AIPayload ransomware group claims to have breached Qualiflex Solutions, a business services firm, as listed on Ransomware.live.
AIRansomexx claims to have data from Go2Joy, a hospitality and tourism firm, per an unverified extortion listing on Ransomware.live.
AINova ransomware group claims to have breached Dosab, a manufacturing company, according to an extortion listing on Ransomware.live.
AIThe ransomware group Nova claims to have breached business services firm Hosab, according to an unverified listing on Ransomware.live.
AIUnverified claim: Nova listed MIT HJERTE (healthcare) on its extortion site, claiming a breach.
AINova claims to have breached One Believing Interiors, a consumer services firm, according to an unverified extortion-site listing.
AICMD Organization claims to have breached Pinnacle Re-Tec, a business services company, listing them on their extortion site.
AILockBit 5 claims to have breached majorcineplex.com, a hospitality and tourism firm, per an unverified extortion listing.
AILockBit 5 claims to have breached parkviewtaipei.com, a hospitality and tourism entity, as listed on Ransomware.live.
AILockBit 5 claims to have breached ponce-benzo.com, as per an unverified extortion site listing on Ransomware.live.
AILockBit 5 claims to have attacked parampackaging.com, a manufacturing firm, according to a listing on Ransomware.live.
AILockBit 5 claims to have listed healthcare organization primelinkbio.com on their extortion site, per Ransomware.live.
AILockBit 5 claims to have compromised saico.co.th, a Business Services firm. The listing is unverified.
AILockBit 5 claims to have breached sanatoriodelta.com, a healthcare entity, according to an unverified listing on Ransomware.live.
AILockBit 5 listed saude.mt.gov.br (Public Sector) on its extortion site, claiming a breach. The claim is unverified.
AILockBit 5 claims to have listed sparkinter.com, a Technology sector company, on its extortion site.
AILockBit 5 claims to have breached teleton.org.hn (healthcare), per an unverified listing on Ransomware.live.
AILockBit 5 claims to have breached manufacturing company union-chemical.co.th, per a listing on its extortion site. [unverified]
AILockBit 5 claims to have listed venelectronics.com, a manufacturing company, on their ransomware extortion site.
AILockBit 5 claims to have listed weinwurm.cc on its extortion site, per Ransomware.live. This is an unverified claim.
AILockBit 5 claims to have breached nundungopee.mu, per an unverified extortion listing on Ransomware.live.
AILockBit 5 claims to have targeted utb.edu.vn, listed on its extortion site as an unverified breach.
AIThegentlemen listed hiddenn on their extortion site, claiming to have breached the organization.
AIThegentlemen claims to have listed manufacturing firm Vera Chimie Management on their extortion site via Ransomware.live, an unverified claim.
AIAn unverified claim by Thegentlemen states they have listed Alexander Buch Bilanzbuchhalter (business services) on their extortion site.
AIThegentlemen claims to have breached SGS Malaysia, a business services firm, in an unverified extortion listing.
AIThegentlemen claims to have data from Ty Thac Co, as listed on Ransomware.live, but this is an unverified claim.
AIThegentlemen has listed Amigest, an agriculture and food production company, on their extortion site, claiming a breach. This claim is unverified.
AIThegentlemen claims to have listed Yudu Technology on their extortion site; the claim is unverified according to Ransomware.live.
AIThegentlemen claims to have listed Burris MacOmber (Business Services) on its extortion site, per Ransomware.live, an unverified claim.
AIThegentlemen claims to have listed transportation/logistics firm Sertrans on its extortion site; the claim is unverified.
AIThegentlemen claims to have breached Cofaq, as listed on Ransomware.live.
AIThegentlemen claims to have breached Al Khaja Holding, a business services firm, according to an unverified listing.
AICMD Organization listed Southern design RV on its extortion site, claiming to have breached the consumer services firm. This claim is unverified.
AIThegentlemen claims to have breached Athens Orthopedic Clinic, a healthcare organization, according to an unverified extortion listing.
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign . Data allegedly obtained from JCPenney through the exploitation of a critical zero-day vulnerability in Oracle PeopleSoft was later publi…
AIKrybit claims to have breached aasa.ae, per a listing on RansomLook, but this claim is unverified.
AIKrybit claims to have breached coemi.com.br, as listed on RansomLook's extortion site. This claim is unverified.
AIBrainCipher claims to have data from themintgaming.com, a consumer services firm, according to a listing on Ransomware.live. This claim is unverified.
AIThe Krybit group has listed the business services firm www.mupras.com on its extortion site, claiming to have breached its systems.
AIThe Gentlemen claims to have listed Athens Orthopedic Clinic on their extortion site.
AIRoth Industries, a manufacturing firm, was listed on Qilin's extortion site, claiming to have breached their data.
AIQilin claims to have breached Sparkle Pools, a Consumer Services firm, per an unverified extortion-site listing.
AIStormous claims to have a 10GB data dump from public sector org mlit.com.my (listed on Ransomware.live). Unverified claim.
AIThe Qilin ransomware group claims to have breached construction firm PJ Daly Contracting, listing them on their extortion site.
AIExtortion group Nova claims to have breached Desert Micro, a technology company, according to a listing on Ransomware.live.
AIPear claims to have data from Optimum First Mortgage, listed on its extortion site. This claim is unverified.
AIAurora claims to have breached Hagerman & Company (Business Services) in an unverified extortion site listing on Ransomware.live.
AIAnubis claims to have compromised KTR Real Estate Advisors, a financial services firm, in an unverified extortion site listing.
AIAurora claims to have listed ALS Global on its extortion site (unverified).
AIIcarus listed Klue.com on its extortion site, claiming to have breached the technology company.
AIShinyHunters claims to have breached icsecurity.com, as listed on the RansomLook extortion site. The claim is unverified.
AINightspire claims to have listed legendsmn (Blue Ox, Paul Bunyan, Lumberjack Electric) on its extortion site; the claim is unverified.
AINightspire claims to have breached Dean Cosmetic Dentistry and listed it on its extortion site. This is an unverified claim.
In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters "pay or leak" extortion campaign . The group subsequently published hundreds of gigabytes of data they claimed was obtained from the organisation's Salesforce instance, including 140…
AICloak listed ra-vogeler.de on its extortion site, claiming to have breached the German business services firm.
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation , a prolific malware distribution network used to compromise systems and facilitate further cybercrime. Coordinated by international law enforcement agencies wi…
AIBusiness services firm THL PROJECT MANAGEMENT SDN. BHD. claims to have been breached by the Qilin ransomware group, as listed on Ransomware.live.
AIQilin claims to have listed Homes By J Anthony (construction) on its extortion site; the claim is unverified.
AIThe Qilin ransomware group claims to have listed ATCOM Outsourcing, a business services firm, on its extortion site
AIThe Pear ransomware group claims to have listed B & B Trading on its extortion site, per an unverified RansomLook entry.
AIRelease Marine, Inc. is listed by the Pear group on RansomLook as an unverified extortion claim.
AIThreat actor Pear listed Kirbor Homes on its extortion site, claiming to have breached the organization, per RansomLook.
AIQilin claims to have listed Skupina Don Don - GRUPO BIMBO (Agriculture and Food Production) on its extortion site.
AIAkira claims to have breached Berg Lilly and listed the organization on its extortion site.
AIThe Gentlemen claims to have listed hiidden on its extortion site, per RansomLook. This is an unverified claim.
AIRhysida claims an unverified breach of construction firm Lawson Roofing, per an extortion site listing
AIThe Qilin ransomware group claims to have listed construction firm Makel Companies Group on its extortion site. This claim is unverified.
AIThe Bravox ransomware group claims to have listed SELECT WINES, an agriculture and food production company, on its extortion site.
AILynx has listed www.someco.com on their extortion site, claiming to have breached the organization.
AIThe Gentlemen claims to have data from Ty Thac Co, per an extortion site listing tracked by RansomLook (unverified).
AIThe Gentlemen has listed Amigest as a victim on their extortion site (per RansomLook), claiming a breach.
AIThe Gentlemen listed Yudu Technology on their extortion site, claiming to have breached the organization.
AIThe Gentlemen group claims to have listed Burris MacOmber on their extortion site, per RansomLook.
AIThe Gentlemen group claims to have listed Sertrans on its extortion site, as observed on RansomLook. This listing is unverified.
AIThe Gentlemen claims to have listed Cofaq on their extortion site, but this claim is unverified.
AIThe Gentlemen group claims to have breached Al Khaja Holding, based on an unverified RansomLook extortion-site listing.
AILockBit 5 claims to have data from sweetome.com, listed on RansomLook's extortion site. The claim is unverified.
AILockBit 5 claims to have breached probat.ag, according to an unverified listing on RansomLook.
AILockBit 5 listed delano.k12.mn.us on an extortion site, claiming a breach, though the claim is unverified.
AILockBit 5 claims to have breached eternal.hk, according to an unverified claim on the RansomLook extortion site.
AILockBit 5 claims to have listed 5deagosto.com.br on their extortion site, per RansomLook. Unverified claim.
AIRansomLook reports that LockBit 5 claims to have listed abandw.com on its extortion site.
AILockBit 5 claims to have breached ag-360.ca, as listed on its extortion site (unverified).
AIThreat actor LockBit 5 claims to have listed elematic.com on its extortion site, according to RansomLook.
AILockBit 5 claims to have listed amc.co.th on its extortion site, according to RansomLook; an unverified claim.
AILockBit 5 listed casaandina.com.co on its RansomLook extortion site, claiming a breach. This is an unverified claim.
AILockBit 5 claims to have breached bvi.co.bw, listing it on their extortion site, according to RansomLook.
AIAccording to RansomLook, LockBit 5 claims to have listed comta.com.tw on its extortion site. The claim is unverified.
AILockBit 5 claims to have listed daikyonishikawa.co.jp on its extortion site as an unverified breach.
AILockBit 5 claims to have listed rubbercompounding.com on the RansomLook extortion site. This is an unverified claim.
AILockBit 5 claims to have breached drwu.com, as listed on RansomLook. The claim is unverified.
AILockBit 5 listed felizhotelboracay.com on their extortion site, claiming to have data from the organization.
AILockBit 5 has listed greyhighschool.com on its extortion site, claiming to have breached the organization.
AILockBit 5 claims to have compromised idefeey.yucatan.gob.mx, per an extortion-site listing on RansomLook.
AILockBit 5 claims to have listed inspeqingenieria.com on its extortion site, per RansomLook. This is unverified.
AILockBit 5 claims to have listed majorcineplex.com on its extortion site, per RansomLook. This is an unverified claim.
AILockBit 5 claims to have listed parkviewtaipei.com on its extortion site; the claim is unverified.
AILockBit 5 claims to have breached parampackaging.com, per a listing on RansomLook. The claim is unverified.
AIAccording to RansomLook, LockBit 5 claims to have listed primelinkbio.com on its extortion site. This claim is unverified.
AILockBit 5 claims to have listed saico.co.th on its extortion site, per RansomLook. This claim is unverified.
AILockBit 5 claims to have compromised sanatoriodelta.com, as per a listing on its extortion site. The claim is unverified.
AILockBit 5 claims to have listed saude.mt.gov.br on its extortion site, per RansomLook, though this is unverified.
AILockBit 5 claims to have listed sparkinter.com on its extortion site. The claim is unverified.
AILockBit 5 claims to have listed teleton.org.hn on its extortion site per RansomLook; the claim is unverified.
AILockBit 5 claims to have breached Union Chemical (union-chemical.co.th) and listed it on their extortion site.
AILockBit 5 claims to have compromised venelectronics.com, as listed on a ransomware extortion site.
AILockBit 5 claims to have listed weinwurm.cc on its extortion site (RansomLook), but the claim is unverified.
AILockBit 5 claims to have listed nundungopee.mu on their extortion site; the claim is unverified.
AIThe Gentlemen group claims to have breached SGS Malaysia, according to an unverified extortion-site listing on RansomLook.
AIAn unverified claim from the ransomware group The Gentlemen lists TERRIO Therapy Fitness on its extortion site.
AIThe Gentlemen claims to have listed Vera Chimie Management on their extortion site.
AIThe Gentlemen has listed Alexander Buch Bilanzbuchhalter on its extortion site, claiming to have breached the organization.
AIThe Akira ransomware group claims to have breached Apptricity, a business services company, as listed on its extortion site. The claim is unverified.
AILynx claims to have listed Eastersealsia (Healthcare) on its extortion site, per Ransomware.live. The claim is unverified.
AIUnverified claim: Genesis claims to have listed United Personnel (a division of Masis Staffing Solutions) on extortion site RansomLook.
AIIn an unverified claim, Genesis listed The Associated Builders and Contractors of Indiana/Kentucky on its extortion site, claiming to possess data from the organization.
AIINC Ransom claims to have breached Horizon Family Medical Group, a healthcare provider, as listed on its extortion site.
AILynx claims to have breached construction firm Wolf Construction (www.wolfconstruction.net). This is an unverified listing claim.
AIShinyHunters claims to have data from healthcare provider Amazon-owned OneMedical.com in an unverified listing on Ransomware.live.
AIShinyHunters claims to have listed NAIC.org, a business services organization, on its extortion site. The claim is unverified.
In March 2026, the financial consulting and advisory firm CFGI was the target of a ShinyHunters "pay-or-leak" extortion campaign . The group subsequently publicised data allegedly obtained from CFGI comprising corporate contact information, including 243k u…
AIINC Ransom claims to have listed neuwoges.de on its extortion site, per RansomLook; the claim is unverified.
AISafepay claims to have breached seinordovest.it, according to their extortion site listing; the claim is unverified.
AIRansomhouse claims to have breached Prince George County, as listed on RansomLook. This claim is unverified.
AIPlay ransomware group claims to have listed Greg Crosslin on its extortion site; the claim is unverified.
AIHarcourts.net, a Consumer Services organization, was claimed to be listed by the Safepay group on their extortion site.
AISafepay claims to have breached zaunsysteme.de, a manufacturing firm, in an unverified extortion site listing.
AISafepay claims to have breached brscappuccio.it, a Consumer Services organization, according to a listing on its extortion site (Ransomware.live). This is an unverified claim.
AISafepay listed gut-heckenhof.de, an organization in agriculture and food production, on its extortion site in an unverified claim.
AIThe Lamashtu group claims to have breached Great Foods, an agriculture and food production company, as listed on its extortion site.
AIThe Play ransomware group claims to have breached Integrated Technologies and listed it on its extortion site. This claim is unverified.
AIPlay ransomware group listed technology company eurOptimum on its extortion site, claiming a breach.
AIAkira claims to have listed Smith Filter on their extortion site.
AISpace Bears claims to have listed Chebib Control as a victim in an extortion-site listing, an unverified claim.
AIKrybit claims to have breached courdescomptes.sn per a RansomLook extortion listing. The claim is unverified.
AIGunra claims to have listed MHE9 Logística Ltda on its extortion site (RansomLook); the claim is unverified.
AIGunra claims to have listed Suárez&Clavera on its extortion site, per an unverified RansomLook listing.
AIRansomware group Krybit claims to have listed manufacturing firm ersa.com.py on its extortion site, per Ransomware.live. The claim is unverified.
AISpace Bears claims to have breached Gerencial, as listed on a ransomware extortion site.
AIShinyHunters claims to have data from "Service Notice: Scheduled Maintenance and Infrastructure Upgrades" in an unverified extortion site listing.
AIRansomhouse claims to have listed Promepla on its extortion site, according to RansomLook. This is an unverified claim.
AIINC Ransom claims to have compromised jasperplastics.info, according to an unverified extortion-site listing tracked by RansomLook.
AIShinyHunters claims to have breached Ralph Lauren and listed the organization on their extortion site.
AIINC Ransom listed framesiprofessional.com on its extortion site, claiming a breach. The claim is unverified.
AIShadowbyt3$ claims to have breached TINYpulse and Nintendo (nintendo.com), according to an unverified listing on RansomLook.
AIFulcrumsec claims to have listed Novo Nordisk on RansomLook; the claim is unverified.
AIRansomware group Dragonforce claims to have compromised Tecfi SpA, as listed on an extortion site.
AIThe Aurora ransomware group claims to have listed Allan Brothers Fruit on its extortion site, per an unverified RansomLook listing.
AIThreat actor Aurora claims to have listed Diamond Truck Centres on its extortion site, per RansomLook, in an unverified claim.
AIAurora claims to have breached Sumitomo Electric Bordnetze, per an unverified extortion-site listing on RansomLook.
AIAkira claims to have listed Insite Architects on its extortion site, according to RansomLook.
AIQilin claims to have compromised Golfview Developmental Center, listing the organization on its extortion site (unverified claim).
AIAccording to RansomLook, Nova has listed Sunass on its extortion site in an unverified claim.
AINightspire has listed an unverified claim on RansomLook against an organization described as 'Central Texas ***** *****'.
AINightspire claims to have breached Ri***** Co**** Europe S.r.l., listed on RansomLook. This claim is unverified.
AIRansomLook reports that Cloak claims to have listed organization ra-*******e on their extortion site. This claim is unverified.
AICloak claims to have listed d**********e on RansomLook in an unverified extortion claim.
AICloak claims to have breached W******S*******D, as listed on RansomLook. This claim is unverified.
AINightspire claims to have listed Guy E******* & F*******, P.A on its extortion site, per RansomLook (unverified).
AIIcarus group claims to have listed thecreditpros.com on its extortion site, as reported by RansomLook.
AIDeadlock claims to have listed Notice on its extortion site per RansomLook, though the claim is unverified.
AIPayload claims to have breached SPORTON International Inc. and listed the organization on its extortion site. The claim is unverified.
AISpace Bears claims to have breached ECOVACS, according to a listing on the RansomLook extortion site.
AIQilin claims to have listed Q Link Wireless on its extortion site.
AIUnverified claim: Qilin claims to have listed Misericórdia de Santo Tirso on their extortion site.
AIThe Nova group claims to have compromised Kedah, according to an unverified extortion-site listing tracked by RansomLook.
AIShinyHunters listed icc.edu on their extortion site, claiming a breach. This claim is unverified.
AIShinyHunters claims to have breached moody.edu, listed on its extortion site (unverified).
AIShinyHunters claims to have listed glendale.edu on RansomLook, an extortion-site listing. The claim is unverified.
AIINC Ransom has listed Organization 3 on its extortion site, according to RansomLook. This claim is unverified.
AIThe Gentlemen claims to have breached an agency, in an unverified extortion-site listing on RansomLook.
AISafepay claims to have breached hughstirling.co.uk, listing the organization on its extortion site. This claim is unverified.
AISafepay claims to have data from tokyocivil.co.jp, listing it on its extortion site. The claim is unverified.
AIThreat actor Safepay has listed kawaius.com on RansomLook, claiming to have attacked the organization. The listing is unverified.
AISafepay claims to have listed musenet.co.jp on its extortion site, per RansomLook; this is an unverified claim.
AISafepay listed bautz-maschinenbau.de on its extortion site, claiming to have breached it. The claim is unverified.
AISafepay claims to have listed aquaclean.com on its extortion site; the claim is unverified.
AISafepay listed hoodriversheriff.com on its extortion site, claiming to have breached the organization. The claim is unverified.
AINightspire has listed B****S I******t***l on its extortion site, according to RansomLook; the claim is unverified.
AIThe Nightspire group claims to have listed Sheraton Miramar Resort El Gouna on its extortion site, though the claim is unverified.
AINightspire claims to have breached organization G**** R****l*e, as listed on RansomLook. The claim is unverified.
AIThe Gentlemen claims to have listed CUI Agency on its extortion site, per RansomLook.
AIBrain Cipher claimed to have breached anglomoil.com, listing the company on their extortion site. The claim is unverified.
AIBrain Cipher claims to have listed alu-rex.com on its extortion site, as reported by RansomLook.
AIThe ransomware group Qilin claims to have listed Grupo Indi on its extortion site. This claim is unverified.
AIQilin claims to have listed Can Healthcare Group on its extortion site, per RansomLook.
AIQilin claims to have data from Cng Ty Cp T Vn Xd Tng Hp in an extortion-site listing on RansomLook, but the claim is unverified.
AIThe ransomware group Qilin has listed MAVA Healthcare on its extortion site, claiming to have stolen data from the organization.
In June 2026, a collection of accumulated stealer logs from various sources was added to HIBP. The corpus comprised 56M unique email addresses across hundreds of millions of stealer log records. The data also contained 124M unique passwords, which have been…
AIAnubis claims to have listed KoMiCo on their extortion site, per RansomLook, though the claim remains unverified.
AIPayoutsking claims to have listed W****e on its extortion site, per RansomLook. This claim is unverified.
AIDeadlock listed Zhangjiagang Fortune Chemical Co. Ltd. Singapore on its extortion site. The claim is unverified.
AIDeadlock claims to have breached Summa4, as listed on RansomLook. The claim is unverified.
AIDeadlock claims to have listed Hornavan Hotell on its extortion site, per RansomLook.
AIDeadlock claims to have breached TeleFinity, according to an unverified listing on RansomLook.
AIDeadlock claims to have listed donjon on its extortion site. This claim is unverified.
AIDeadlock claims to have listed CH Paper on RansomLook's extortion site, though the claim is unverified.
AIDeadlock claims to have breached Nobani Co, as listed on RansomLook extortion site.
AIDeadlock claims to have breached Fidelity Pension Managers, listed on RansomLook, but the claim is unverified.
AIDeadlock claims to have compromised CAD93, according to a listing on RansomLook.
AIDeadlock claims to have listed SECiL on its RansomLook extortion site. The listing is an unverified claim.
AIAccording to RansomLook, Deadlock listed an unverified claim against
AIDeadlock claims to have listed EDISA and INVERTIGE on its extortion site, per RansomLook; the claim is unverified.
AIDeadlock claims to have breached Breda Energia, according to an unverified extortion-site listing on RansomLook.
AIDeadlock listed Muzeum Valassko on its extortion site, claiming to have data from the organization. The claim is unverified.
AIDeadlock claims to have breached bERS, according to an extortion-site listing on RansomLook (unverified claim).
AIDeadlock claims to have listed NXIT, Franco Vago S.p.a., and Traconf Srl on its extortion site.
AIDeadlock claims to have listed AFWorkshop on its extortion site (RansomLook).
AIDeadlock claims to have breached Finam Gabon. The extortion-site listing, tracked by RansomLook, is unverified.
AIThe Deadlock group claims to have listed iASK on its extortion site, according to RansomLook. This claim is unverified.
AIDeadlock claims to have listed data from Noega and Esnova on its extortion site, according to RansomLook.
AIDeadlock claims to have breached IFC Eur, listing the organization on its RansomLook extortion site. The claim is unverified.
AIDeadlock claims to have listed TPToys on its extortion site, according to RansomLook; this claim is unverified.
AIDeadlock claims to have breached EXPRESOKNA SP. Z O.O., as listed on its extortion site. This claim is unverified.
AIDeadlock claims to have listed Bär Cargolift Polska Sp. z o.o. on its RansomLook extortion site; the claim is unverified.
AIDeadlock listed Grupolider | Grupo Actual on its extortion site (RansomLook), though the claim is unverified.
AIDeadlock listed Dyhrberg AG Switzerland on its extortion site; the claim is unverified.
AIDeadlock claims to have breached SKK Networks, UNICARD Systems, and SKK SA. This is an unverified extortion listing.
AIDeadlock claims to have listed PB Sprinkler Engineering Sp. z o.o. and PLISZKA Fire Protection Engineering on its extortion site.
AIDeadlock has listed 8.2 Group e.V. on RansomLook, claiming to have its data in an unverified extortion site listing.
AIDeadlock claims to have breached Integra and Operosa, per an unverified extortion-site listing on RansomLook.
AIDeadlock listed JOSO on its extortion site, claiming to have breached the organization.
AIDeadlock claims to have listed GEOPARTNER Sp. z o.o. and GEOPARTNER GEOMATICS Sp. z o.o. on its extortion site, an unverified claim.
AIDeadlock claims to have breached FIRESTA, according to an unverified extortion listing on RansomLook.
AIDeadlock claims to have breached UFL, listing the organization on its extortion site.
AIDeadlock has claimed to breach Picassent, listing the organization on its extortion site. This claim is unverified.
AIDeadlock claims to have compromised Starconn, according to a listing on its extortion site.
AIAccording to RansomLook, the Deadlock group claims to have listed EFCA on its extortion site.
AIDeadlock claims to have listed AKSV on its extortion site, per RansomLook; the claim is unverified.
AIDeadlock claims to have listed Bridgeport S.p.A. on RansomLook; the
AIDeadlock claims to have listed SH Hoteles (Spain) on its extortion site.
AIDeadlock claims to have listed Bombas Ideal on its extortion site, according to RansomLook. The claim is unverified.
AIDeadlock claims to have listed Ring Textile Production RTP SRL on its extortion site, according to RansomLook (unverified claim).
AIDeadlock claims to have listed ADM Value Barcelona on its extortion site. The claim is unverified.
AIDeadlock listed Consulting Valladolid on its RansomLook extortion site, claiming an attack; the claim is unverified.
AIDeadlock claims to have compromised ONE Contact, according to an unverified extortion-site listing on RansomLook.
AIRansomware group Deadlock claims to have breached Elmoris, according to a listing on RansomLook. The claim is unverified.
AIDeadlock has listed Gerusia S.L. on its extortion site, an unverified claim.
AIDeadlock listed Maxplast and Senoco on its extortion site, claiming to have breached them.
AIDeadlock claims to have listed Grupo Mercurio on its extortion site, as reported by RansomLook. This remains an unverified claim.
AIDeadlock claims to have listed Zaffrani Srl on its extortion site; the claim is unverified.
AIDeadlock claims to have listed Eko-Flor Plus d.o.o. on its extortion site; the claim is unverified.
AIDeadlock claims to have listed VBW Makelaars and Taxateurs on its extortion site, per RansomLook. This is an unverified claim.
AIDeadlock has listed Industrie Tecnologiche it on its extortion site, claiming to have breached the organization.
AIDeadlock claims to have listed LIVISTO on its extortion site, according to RansomLook; the claim is unverified.
AIDeadlock claims to have leaked data from Anidaport - Investimentos Imobiliários Lda., listing the Portuguese firm on its extortion site (unverified).
AIDeadlock claims to have breached Optimal Care SA and listed it on its extortion site (source: RansomLook). Unverified claim.
AIDeadlock claims to have listed the Barcelona Urban Property Chamber.
AIDeadlock listed Židlochovice city on RansomLook, claiming an intrusion. This claim is unverified.
AIDeadlock claims to have breached Werken Química Brasil S.A., listing them on their extortion site. This claim is unverified.
AIDeadlock claims to have listed 3Gi Solutions, an IT services provider in Montreal, on its extortion site. The claim is unverified.
AIDeadlock claims to have breached Güven Mühendislik Makina, as listed on its extortion site.
AIDeadlock has listed Abhay Prabhavana on their extortion site, per RansomLook; the claim is unverified.
AIDeadlock ransomware group claims to have compromised Quetzal Química, listing them on their extortion site. The claim is unverified.
AIDeadlock claims to have breached CIATI, listing the organization on its extortion site RansomLook, but the claim is unverified.
AIDeadlock claims to have breached ACU - The Automobile Club of Uruguay, with the organization listed on its extortion site.
AIDeadlock group claims to have data from DOCTUS USA Inc, as listed on RansomLook extortion site (unverified).
AIDeadlock claims to have breached WH Müller and listed the organization on its extortion site.
AIDeadlock claims to have listed Grupo Vanguardia on their extortion site, according to RansomLook.
AIDeadlock claims to have listed WiBeats S.r.l. on its extortion site.
AIDeadlock claims to have listed Schlenker and Cantwell, P.A., but the claim is unverified.
AIDeadlock has listed LA SEVILLANITA SRL on its extortion site, claiming to have data from the organization. This is an unverified claim.
AIDeadlock claims to have compromised the Morton Grove Park District, according to a listing on RansomLook. The claim is unverified.
AIThe Deadlock group claims to have listed Weinberg ''93 Építő Kft. on its extortion site, per RansomLook. This claim is unverified.
AIDeadlock claims to have listed Catcorp on its extortion site, as reported by RansomLook. This claim is unverified.
AILeaknet claims to have compromised the Ktunaxa Nation Council, listed on its extortion site.
AIAilock claims to have listed Röben Tonbaustoffe GmbH on its extortion site. This claim is unverified.
AIShinyHunters claims to have breached hccs.edu, as listed on their extortion site and tracked by RansomLook.
AIShinyHunters claims to have listed kodak.com on RansomLook, an extortion-site listing, as an unverified breach.
AIShinyHunters has listed Deep Well Services on its extortion site, claiming to have stolen data. This is an unverified claim.
AISysco Corporation was listed by ShinyHunters on RansomLook; this is an unverified claim.
AIThreat actor Bavacai claims to have listed organization Bd on their extortion site. This claim is unverified.
In March 2026, the commercial real estate finance company Berkadia was the target of a ShinyHunters "pay or leak" extortion campaign . The group subsequently published data they alleged was taken from Berkadia's Salesforce instance, including over 300k uniq…
In March 2026, the student information system Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign . The group subsequently published data they alleged was taken from Infinite Campus, containing 137k unique email addresses along w…
In June 2026, the University of Nottingham was the target of a cyber attack , later linked to a ShinyHunters "pay or leak" extortion campaign. Tens of gigabytes of data were subsequently published online and included 455k unique email addresses along with e…
In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site . In early June, the group publicly published data they claimed had been obtained from Baker's SharePoint and Sa…
In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign . Data allegedly obtained from BCD was subsequently published publicly in early June and contained 396k unique email…
In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly obtained from the company. The data included 2…
In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached . Data purportedly obtained in the incident was later published publicly and included 178k unique email addresses…
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository. The incident exposed 64k unique email addresse…
In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group later published the data, wh…
In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign . The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part o…
In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group . After the ransom deadline passed, the group publicly released the data which contained 84k unique email addresses. The…
In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environme…
No signals found
Try removing a filter or searching for another term.