Alleged ransomware claim targets Omikenshi Co., Ltd., a Japan-based company involved in textiles, lifestyle products, cosmetics, and software development, with the threat actor thegentlemen purportedly behind the attack. The claim states that the attackers demanded payment in exchange for decrypting data and assurances not to leak or publicly release sensitive information #Japan
Category: Ransom Monitor
Estudio O’Farrell, a prestigious law firm based in Buenos Aires, Argentina, reportedly faced a ransomware incident attributed to the threat actor crypto24. The attack allegedly disrupted operations and threatened sensitive client data as part of a crypto24-led extortion campaign. #Argentina
Grupo Tawa, a Peru-based business group, reported a ransomware incident claimed by the threat actor ‘thegentlemen’, threatening to leak or block access to data unless payment is made. The company has over 18 years of experience, serves more than 2,500 clients, and employs about 15,000 individuals annually, underscoring its prominence in the region #Peru
Threat actor TheGentlemen claims to have breached Delta Ducon Engenharia, a Brazil-based company, deploying ransomware to encrypt networks and exfiltrate confidential data. They threaten to publicly release or sell the stolen information unless a ransom is paid, marking Brazil as the impacted country.
#Brazil
WorldLeaks claims to have breached Marion Military Institute in Marion, Alabama, encrypting critical systems and exfiltrating sensitive data. The group threatens a ransom demand and the potential public release of the stolen data if the victim does not comply.
#UnitedStates
The claim asserts that the Osiris threat group launched a ransomware attack against Mantra Softech Pvt., disrupting operations and compromising systems. It further states that the attackers demanded a ransom to prevent data exposure and threatened to leak sensitive information. #India
A ransomware claim alleges that iGLS Laboratorio in Spain was hit by a payload-driven attack, disrupting its advanced diagnostic services in genetic and reproductive immunology. The attack targets preconception, preimplantation, and prenatal testing offerings, potentially impacting medical professionals, hospitals, and patients worldwide #Spain
Incransom’s ransomware claim alleges Kiswire Ltd., a Busan-based steel wire manufacturer in South Korea, suffered a data breach with 128 GB exfiltrated, including technologies, product specifications, control data, assembly schemes, material specifications, drawings, product tests, logistics, financial indicators, and other corporate information. Leaked data reportedly comprises 118,019 files and 22,024 folders, including complete employee records (personal data, photographs, gender and skin color) and other confidential data, signaling a substantial impact on the company’s operations #SouthKorea
Threat actor Akira has claimed a ransomware incident against Rioja Motor in Spain, threatening to upload 17 GB of corporate data. The leaked data reportedly includes employee personal information (passports, IDs, addresses, emails), medical information, client documents, financials, and internal project correspondence #Spain
The ransomware claim targets Marborges Agroindustria in Brazil and is attributed to the threat actor Exitium. Details from ZoomInfo regarding Marborges Agroindustria support the claim by highlighting the company’s security weaknesses. #Brazil
A ransomware claim targeting Atlas Ocean Voyages has been attributed to the threat actor Insomnia, who asserts unauthorized access to internal systems and data. Atlas Ocean Voyages is a US-based operator offering year-round all-inclusive expedition cruises for under 200 guests, led by expert guides and caring crew. #UnitedStates
A ransomware claim targets Groupe SFPI in France, attributed to the threat actor qilin. The attackers reportedly encrypted data and demanded a ransom from the organization #France
The threat actor Akira claims they will upload 50gb of CONCEPTNET’s corporate data, including employee personal information (passports, IDs, addresses, emails), financials, NDAs, and project files, unless their ransom demands are met. This ransomware claim targets CONCEPTNET GmbH, a US-based media agency, threatening public data exposure and disruption to its operations #UnitedStates
This ransomware claim implicates the Akira threat actor in targeting Nafco in Japan and threatening to upload 150 GB of corporate data as leverage. The data at risk includes employee personal information (passports, IDs, medical data), financials, and contracts, with a public release expected if demands are not met #Japan
Ransomware claim targets the victim *o**e-*a** du ***n*c****, with limited information currently available. The threat actor behind this operation is nightspire, and data is not available now. #Unknown