A ransomware claim alleges meridenct.gov, the City of Meriden in Connecticut, was targeted by threat actor incransom, potentially disrupting government services and public resources managed by Meriden 2020. Meriden 2020 provides a broad range of government, business, recreational, educational, and transportation resources for residents and visitors of Meriden, CT, with about 200 employees and $23 million in revenue #UnitedStates
Category: Ransom Monitor
Chaos claims to have conducted a ransomware attack against kdmpop.com, targeting KDM P.O.P. Solutions Group, a Cincinnati-based company with additional facilities in Cincinnati, Nashville, Atlanta and Cleveland. KDM P.O.P. Solutions Group has been in business since 1970 and specializes in custom, innovative retail POP print solutions at the point of purchase. #UnitedStates
A ransomware claim from worldleaks targets Orient Petroleum Resources Plc, described in the AI-generated background as a Nigerian oil and gas company. The attackers allegedly threaten data exposure or encryption, with the incident linked to the United Kingdom (GB) as the impacted country. #UnitedKingdom
Worldleaks claims to have breached Leighton, a multinational construction company, encrypting core systems and exfiltrating sensitive project data tied to its GB-based operations in a ransomware attack. The threat actor demands a ransom and threatens to release the stolen files if Leighton does not pay, potentially impacting UK projects. #UnitedKingdom
Ransomware actor akira claims it will upload 10 GB of Axiomatic Technologies Corporation’s corporate data, including employee personal documents (credit cards, medical records and other HR files), project files, financials, contracts and agreements, client files, and NDAs. Axiomatic Technologies is a Canadian-based designer and manufacturer of electronic controllers and power management converters, with the United States identified as the impacted country. #UnitedStates
Dragonforce claims a ransomware attack against Edward Beiner, a US-based luxury eyewear retailer. The claim suggests attackers may disrupt Edward Beiner’s premium eyewear and eye care services in the United States. #UnitedStates
Frontier Technologies (NFT), a system integrator bridging industrial automation and business data, reports a ransomware claim from threat actor ‘akira’ who purports to exfiltrate 60 GB of corporate data, including project files, financial documents, and contracts. The attacker warns they will upload the data soon, potentially impacting sectors such as oil and gas, discrete manufacturing, process manufacturing, and food and beverage. #Unknown
Handala claims responsibility for a ransomware campaign and vows retaliation after the FBI seized their domains and announced a $10 million reward for Handala Hack members, promising a response that will be remembered forever. The claim cites Kash Patel as the current director of the FBI and asserts the attack will have a lasting impact on the United States. #UnitedStates
Anubis claims a ransomware data breach affecting Scalian, a major French IT company. The claim attributes the incident to the threat actor Anubis and indicates the impact is in France #France
Anubis, a ransomware threat actor, claims a data breach at Schlam Stone & Dolan LLP, a US-based law firm. The breach purportedly affected clients ranging from government institutions to Fortune 500 companies #UnitedStates
ShinyHunters claim they now run BreachForums version 5 after the FBI seizure in October 2025 and assert that the forum has been run by many fakes, but by them. They warn of an unauthorized leak on January 9, 2026, claim that impostors named ‘N/A’ and ‘Indra’ have revived a counterfeit “legitimate” forum, and threaten to leak all BF backups—private messages, emails, IP addresses, and posts—unless stopped, stating they have exploits for all MyBB 1.8 versions. #Unknown
ActionPower is the victim in a ransomware claim attributed to the threat actor crypto24, involving file encryption and potential data exfiltration. The incident is associated with South Korea (KR), indicating the affected country #SouthKorea
The ransomware claim targets the victim A*v**c** *e**c** ***em**i**, with nightspire identified as the threat actor. Data is not available now, and no country has been disclosed. #Unknown
DragonForce claims to have breached Durable Superior Casters, Inc., a US-based caster and wheel manufacturer, encrypting systems and threatening to leak sensitive data unless a ransom is paid. The claim indicates disruption to U.S. operations, targeting Durable Superior Casters’ Arlington, Texas headquarters and Ohio assembly plant, with potential data exposure and disruption to shipments #UnitedStates
A ransomware claim asserts that njpcs.org, a New Jersey-based medical practice, was targeted by the threat actor Lynx in the United States. The attackers reportedly accessed patient data and disrupted clinical operations, threatening data exposure unless a ransom is paid. #countryUnitedStates