The claim states Sa**** A** Products was targeted by ransomware, attributed to the threat actor nightspire. Data on the impacted country is not available at this time, so the affected country cannot be confirmed, #Unknown
Category: Ransom Monitor
Threat actor akira has claimed a ransomware attack against Aqua-Serv Engineers, Inc., one of the largest independent regional industrial water treatment companies in the United States. The actor threatens to upload 17GB of corporate data, including employee personal documents, drawings and specifications, client information, and detailed financials. #UnitedStates
Tesla Systems reports a ransomware claim attributed to the threat actor Anubis, noting that a careless IT contractor jeopardized client security. The incident underscores the critical risk posed by third-party IT contractors in protecting sensitive systems. #UnitedStates
The ransomware claim alleges that the threat actor bravox targeted Aculab, a GB-based company that provides advanced global telecommunication and cloud communication solutions, encrypting critical systems and demanding a ransom. The claim further notes extortion tactics, including data exfiltration and cryptocurrency payment demands, attributed to bravox. #UnitedKingdom
Nightspire is attributed with a ransomware claim targeting a victim described in redacted form, and country information is not provided. No data is available at this time to detail the scope or impact of the incident #Unknown
Carmelo Candy Inc. reports a ransomware claim attributed to the threat actor nightspire, impacting operations in the United States. The claim describes file encryption and a ransom demand, with [AI generated] N/A. #UnitedStates
Ransomware claims have targeted St. Fabian Catholic Church & School in Farmington Hills, Michigan, with the threat actor ‘thegentlemen’ asserting encryption of systems and data exfiltration. The incident disrupts church and school operations and may involve public data release if the ransom is not paid #UnitedStates
Thegentlemen claimed a ransomware incident targeting GCA Group LLC (Global Capital Advisors Group LLC), an international business development and capital formation advisory firm. The claim notes that Japan is the impacted country. #Japan
The ransomware claim targets GCA Professional Services Group, with the threat actor thegentlemen claiming unauthorized access and threatening data publication. GCA Professional Services Group is a leading financial services provider headquartered in Hong Kong, with over 25 years of experience serving blue-chip institutional, corporate, and individual clients globally, offering valuation and advisory, corporate finance, mining and mineral consultancy, and corporate services. #HongKong
thegentlemen claim to have compromised Das Labor, an Austrian private medical and chemical diagnostic laboratory led by Dr. Margit Striednig-Zechner and Dr. Beatrix Sterz, which operates the Cyberlab online ordering system for referring physicians and healthcare professionals. The claim frames the incident as a ransomware attack targeting a regional clinical diagnostics practice with Germany (DE) as the impacted country. #Germany
Nova is attributed as the threat actor behind a ransomware claim targeting Pemerintah Kabupaten Bojonegoro, the official government portal of Bojonegoro Regency in East Java, Indonesia. The portal provides Smart City initiatives, public transparency, and online government services aimed at enhancing community engagement for residents, businesses, and tourists, and the claim notes disruptions while highlighting local tourism and cultural heritage #Indonesia
A ransomware claim targets M&K Foam Koło, a Polish manufacturer of sleep products, with the threat actor identified as nova. The claim references mkfoam.pl as the official website and directs corporate contact for further action. #Poland
VirtaHealth in the United States reports a ransomware incident attributed to lapsus$, involving healthcare research data. The incident allegedly encrypted files, demanded payment, and disrupted operations across the organization #UnitedStates
Ransomware claims against ASTRAZENECA CORP in GB by lapsus$ allege exfiltration of source code, an employee database, API keys, and MongoDB/MySQL credentials. The incident highlights data exposure risks tied to code repositories and database access.
#UnitedKingdom
Lapsus$ claims to have breached UNIV LILLE in France and stolen student and staff records as part of a ransomware operation. The group threatens to publish the stolen data unless a ransom is paid. #France