The claim identifies Southwire as the victim in the United States and attributes the incident to the threat actor qilin. The claim provides limited detail beyond attribution, with no publicly disclosed ransom amount or specific encryption methods. #UnitedStates
Category: Ransom Monitor
Southern Commercial Real Estate reports a ransomware incident attributed to the threat actor qilin in the United States. Details about the attack’s scope, impact, or demand have not been provided. #UnitedStates
Threat actor incransom claims to have stolen 700GB of data from JDV Products, Inc., a US-based supplier of wire wrapping tools and electrical hardware. They warn that the stolen data will be published within a week. #UnitedStates
The claim alleges that Salesforce records containing PII and other internal corporate data belonging to Infinite Campus, Inc. in the United States have been compromised by the threat actor shinyhunters. Updated 23 Mar 2026 and labeled FINAL WARNING, the message threatens to leak the data by 25 Mar 2026 if contact is not made and warns of several digital problems to come, urging the victim not to be the next headline #UnitedStates
A ransomware claim reports that Ameriprise Financial, Inc., in the United States, Salesforce records containing PII and over 200GB compressed SharePoint internal corporate data have been compromised by the threat actor shinyhunters. It is a final warning to contact by 25 March 2026 to prevent leaks and related digital problems #UnitedStates
SilentRansomGroup claims to have compromised Phelps Dunbar, a U.S.-based law firm founded in 1853 and headquartered in New Orleans, Louisiana. The claim describes ransomware activity targeting the firm, which practices in various areas of law. #UnitedStates
The ransomware claim targets HOPPEKE Singapore, the Asia-Pacific regional headquarters of the HOPPEKE Batteries Group, alleging encryption or disruption of critical operations tied to a payload intrusion. The claim identifies the threat actor as the payload and notes potential impacts on sectors served by the company, including renewable energy, rail, telecommunications, and logistics #Singapore
Threat actor thegentlemen claimed responsibility for a ransomware incident targeting SATS Sports Club Sweden, alleging data theft and threatening to publish the stolen information. The claim suggests a breach affecting SATS’s operations in Sweden and potentially across its Nordic network.
SATS is the largest fitness chain in the Nordics, founded in Sweden in 1995 with a mission to make people healthier and happier. Operating under the brands SATS, ELIXIA, and Fresh Fitness, the group runs over 274 clubs across Norway, Sweden, Finland, and Denmark, serving 733,000 members with 10,000 employees. It is also one of the five largest fitness operators in Europe, offering gym facilities, group classes, personal training, and digital fitness tools. #Sweden
A ransomware claim alleges that the threat actor thegentlemen breached PTT Philippines, threatening to encrypt systems and exfiltrate data from PTT Philippines Corporation. The profile describes PTT Philippines as a subsidiary of Thailand’s PTT Oil and Retail Business Public Company Limited, active across retail, wholesale, and commercial petroleum markets in the Philippines. #Philippines
Nanxun Enterprise Co., Ltd. reports a ransomware incident attributed to the actor qilin, with limited public details. Details on the methods, scope, and impact are listed as N/A. #Taiwan
Nightspire claims ransomware activity against the victim O**e*, with limited details available. Data is not available now, and the impacted country is not disclosed #Unknown
The ransomware claim identifies Millerfoto as the victim in the United States and attributes the attack to the threat actor qilin. Details such as encryption method and data impact are listed as N/A, and the claim ends with the impacted country as #UnitedStates
ALP-001 ransomware claims responsibility for an attack on irco.com in the United States, with a deadline of 2026-03-29 17:41:30. The claim cites 5.9 TB of storage involved and an attributed revenue of $7.7 billion #UnitedStates
Qilin claims to have compromised Grupo Coril in Peru and encrypted its systems. The threat actor also threatens to release stolen data if the ransom is not paid #Peru
ALP-001 from China claims to have compromised Hikvision (hikvision.com), with access to 19.9 TB of data and a deadline of 2026-03-30 00:20:04. The threat actor cites revenue of $13.1 Billion and 19.9 TB of data marked as ready for release. #China