Category: Ransom Monitor

Ransomware claims against ASTRAZENECA CORP in GB by lapsus$ allege exfiltration of source code, an employee database, API keys, and MongoDB/MySQL credentials. The incident highlights data exposure risks tied to code repositories and database access.
#UnitedKingdom

Lapsus$ claims to have breached UNIV LILLE in France and stolen student and staff records as part of a ransomware operation. The group threatens to publish the stolen data unless a ransom is paid. #France

A ransomware claim targets Innovision Holdings, attributed to the threat actor dragonforce. Innovision is described as a global apparel and accessories group with operations across luxury, mass-market, and licensed brands in over 30 countries. #Unknown

Ransomware claims attribute an attack by lapsus$ against France’s Ministry of Agriculture, targeting government infrastructure. The incident is described as encrypting systems and potentially exfiltrating data from a French government agency. #France

AXCERA.IO reports a ransomware claim attributed to the threat actor lapsus$, tied to US operations. The claim includes the release of source code and infrastructure configurations #UnitedStates

Thegentlemen claim to have conducted a ransomware intrusion against Zanzi S.p.A., an Italian engineering company, alleging encryption of critical systems and potential data exfiltration. The claim frames Italy as the impacted country and highlights risks to Zanzi’s high-performance valve manufacturing across aerospace, motorsport, and marine diesel sectors. #Italy

AIRCOS Pascual, a French cosmetics manufacturer and ANJAC Group member, reports a ransomware claim attributed to the threat actor thegentlemen, alleging unauthorized access and potential data exfiltration. The claim suggests disruption across multiple production sites in France and potential exposure of proprietary formulas and manufacturing data #France

A ransomware claim asserts that Sokolin in the United States was targeted by the threat actor ‘play’. The incident is described with limited details, but the claim links the attack to US activity and indicates the United States as the impacted country #UnitedStates

A ransomware claim targets Barnes Solicitors LLP in the United Kingdom, alleging a breach and potential data exposure. The claim attributes the incident to the threat actor ‘play’ operating from the United Kingdom. #UnitedKingdom

A ransomware claim attributes the attack to the threat actor dragonforce targeting Siam Okamura International Co., Ltd., a Thailand-based provider of Japanese-designed ergonomic office furniture and interior solutions. Based in Bangkok with local manufacturing via Siam Okamura Steel Co., Ltd., the company serves offices, education, healthcare, and retail spaces. #Thailand

Threat actors tied to netrunner claim Harman Fitness, a multi-unit Crunch Fitness franchise operator in the United States, was struck by a ransomware incident involving encrypted systems and potential data exfiltration. The claims describe disruption across Crunch locations nationwide under franchise agreements, with Harman Fitness reportedly leading incident containment and notification efforts #UnitedStates

Alleged ransomware activity targets Kopran Limited and its subsidiary Kopran Research Laboratories Limited in India, attributed to the threat actor dragonforce. The attackers allegedly encrypted critical systems and threatened to leak sensitive information unless a ransom was paid, disrupting operations. #India

Threat actor krybit claims to have compromised Livingstone Kolobeng College (LKC), a private educational institution in Gaborone, Botswana, impacting the victim lkc.ac.bw. The ransomware claim describes encryption of files and potential data exfiltration, with Botswana identified as the impacted country #Botswana

Shine Aviation, an Australian aviation firm, disclosed an alleged ransomware incident attributed to the threat actor anubis. The claim describes a data breach affecting aviation data in Australia #Australia