The ransomware claim alleges that the threat actor pear targeted The McLamb Group, Inc., a US-based company. The organization specializes in warehousing and fulfillment, direct mail services, inventory management, printing and graphic design, and builder services, and the incident reportedly disrupted its operations in the United States #UnitedStates
Category: Ransom Monitor
Kannarr Eye Care, a full-service optometry provider in Pittsburg, Kansas, reports a ransomware incident attributed to the threat actor ‘incransom’ targeting its systems. The claim notes disruption to operations and potential data exposure as the clinic works to restore services and assess impact on patients across the United States. #UnitedStates
Martek Co. Ltd., a Taiwan-based company, reports a ransomware claim attributed to the threat actor incransom, involving a 700gb NDA. The claim references the victim’s site at https://www.martek.com.tw/en as context. #Taiwan
SilentRansomGroup claims to have breached Goulston & Storrs, a U.S.-based law firm, and threatens to publish stolen client data and disrupt operations unless a ransom is paid. Goulston & Storrs operates from offices in Boston, New York, Washington DC, and Beijing, offering legal services in real estate, corporate transactions, litigation, and finance. #UnitedStates
SilentRansomGroup claims to have compromised Cox, Castle & Nicholson LLP, a leading US law firm specializing in real estate and related services. The claim describes ransomware deployment and data exfiltration, with potential disruption to operations and exposure of confidential client information #UnitedStates
Threat actor Krybit claims to have breached Megasurf.co.za, a South African internet service provider and data center operator. The claim includes data exfiltration and ransom demands against Megasurf and its customers in South Africa. #SouthAfrica
Powell, Powell & Powell, P.A., a US-based law firm specializing in personal injury, reports a ransomware claim attributed to threat actor pear involving encryption of firm data. Attackers allegedly accessed confidential client and case information and threatened to publicly release it unless a ransom is paid. #UnitedStates
Threat actor Kairos has claimed to compromise South Florida Injury Centers in the United States as part of a ransomware operation. The claim suggests possible system encryption and data access with disruption to the clinic’s operations, though there is no independently verified detail yet. #UnitedStates
A ransomware claim was issued against Family Psychological Associates, a provider of mental health services in the United States. The threat actor pear claims access to sensitive data and threatens to disclose it if demands are not met. #UnitedStates
A ransomware claim alleges that the threat actor pear targeted Siegel Lewitter Malkani, a highly respected employment law firm in the San Francisco Bay Area. The claim notes potential data exfiltration or encryption and a demand for payment, affecting operations in the United States. #UnitedStates
Anubis claims a ransomware operation against Signature HealthCare in the United States, threatening encryption and potential data exfiltration. Whether there will be a release remains uncertain, but observers are advised to keep an eye on the timer. #UnitedStates
ALP-001 claims to have targeted NEP Group (nepgroup.com), a Pittsburgh-based broadcaster and media services company, citing 70GB of storage and a claimed $2.1 billion in revenue. The message also states that 10GB of samples were uploaded and can be downloaded from a leak page, with a deadline of 2026-04-18 17:22:11. #UnitedStates
ALP-001 claims to have compromised Inatech, a United Kingdomβbased cloud provider of Energy Trading and Risk Management (ETRM) and fuel management software, and uploaded 61 files as samples on a leak page. The claim sets a deadline of 2026-04-18 17:30:58 and states 51GB of data was stolen along with $31.6 million in revenue #UnitedKingdom
The ransomware claim by threat actor beast asserts a security incident involving the victim irmler.org in Germany. irmler.rechtsanwalte specializes exclusively in architectural law, public procurement law, and private and public construction law, is represented in Mecklenburg-Vorpommern and in Schleswig-Holstein at the locations in Schwerin and Lubeck, and is active nationwide in support of procurement procedures, in particular for the award of architect/planning services and architectural competitions. #Germany
The ransomware claim identifies Idera as the victim, attributed to threat actor coinbasecartel, with roughly 1.5 TB of data exfiltrated. Impacted country(s): #UnitedStates