The ransomware claim alleges that Jordan India Fertilizer Company (JIFCO) was breached by the threat actor netrunner, who purportedly encrypted systems and exfiltrated data from the JV formed by IFFCO and Jordan Phosphates Mines Company (JPMC). The attack could disrupt operations at the Eshidiya phosphate plant and affect the JV’s 1500 tonnes per day P2O5 capacity in Jordan. #jordan
Category: Ransom Monitor
Ransomware claims allege that whiskey.co.jp, a Japanese company known as Whiskey & Co., Inc. (Whiskey & Co.株式会社) founded on January 28, 2021, was breached by the threat actor krybit. The report identifies krybit as the attacker and mentions potential data theft or encryption impacts in Japan, though verification is not provided #Japan
Infonet Media d.o.o. reports a ransomware claim attributed to the threat actor incransom, indicating their systems have been compromised. The claim describes disruption to the company’s radio network and related media operations in Slovenia #Slovenia
Threat actor Nightspire claims to have breached Advanced Vehicle Assemblies in the United States, exposing Banking & Financial Systems, Accounting & Tax Records, Customer & Sales Data, and Engineering & Manufacturing IP. The ransomware claim emphasizes data exfiltration and IP theft, with potential extortion and operational disruption if demands are not met. #UnitedStates
Incransom claims to have compromised Community Connections, a US nonprofit delivering behavioral health services to vulnerable populations, including women, men, youth, and children, by encrypting systems and exfiltrating data. The alleged attack could disrupt the organization’s integrated continuum of care, including behavioral health treatment, residential support, and primary health care coordination, potentially hindering access to essential services.
#UnitedStates
Incransom claims to have compromised coronapa.com, threatening to leak confidential client data and deploy ransomware unless a ransom is paid. Corona Law Firm is a proud excellent client service and skillful representation, established in 1997 and well-known in the Florida legal community in the United States. #UnitedStates
Kramer Nutzfahrzeug Service Center GmbH (kramer-nsc.at) is identified as the victim in a ransomware claim attributed to threat actor krybit. The claim notes encryption of systems and potential data exfiltration, impacting operations in Austria #Austria
The ransomware claim implicates Krybit in an attack against BJ Grupo, a fuel and lubricants distributor operating across the state of São Paulo.
The attackers allegedly encrypted data and issued extortion threats in line with Krybit’s reported tactics.
#Mexico
A ransomware claim targets Dubosson Frères SA in Switzerland. The threat actor is nightspire, and data is not available now. #Switzerland
Nightspire claims to have compromised the Southeastern Conference of Seventh-day Adventists in the United States in a ransomware incident. Data is not available now. #UnitedStates
The threat actor Akira claims to have exfiltrated about 11 GB of data from several US-based companies, including American Vintage Home, Briggs Plumbing Products, Genco Manufacturing, and Associates of Clifton Park. The stolen data reportedly includes personal employee data, HR files, medical information, client information, project files, confidential files, accounting and financial records, contracts and agreements.
#UnitedStates
DragonForce claims to have breached Asmar Schor & McKenna, a leading United States construction law firm, gaining unauthorized access to confidential client and project data. The group allegedly exfiltrated data and issued a ransomware demand to prevent its public release. #UnitedStates
Tscherne Consulting Steuerberatung GmbH, an Austrian tax consulting firm based in Graz, was targeted by a ransomware incident in which the payload was identified as the threat actor. The firm provides bookkeeping, tax planning, payroll processing, and business consulting for small and medium-sized businesses #Austria
The threat actor payload claims that United Finance Egypt’s entire infrastructure has been compromised in a ransomware incident. The majority of the leaked data consists of the company’s customer information from its financing, leases, factoring, and mortgage lending operations #Egypt
A ransomware claim targets project1631.com, with the threat actor beast identified as responsible. The message threatens encryption of data and potential release of stolen material unless a ransom is paid. #Unknown