The claim alleges that the threat actor akira attacked Trionex Achats in Germany with ransomware. They threaten to upload and publish corporate data, including employees’ personal files (passports and DLs), SSNs, financials, project documentation, contracts and NDAs, and client contacts. #Germany
Category: Ransom Monitor
The ransomware claim from coinbasecartel asserts that they have 3TB of data belonging to JBS Brazil. They frame JBS Brazil as a multinational meat processing company and threaten to release or monetize the stolen data as part of an extortion campaign. #Brazil
TridentLocker claims to have compromised Jameson Pepple Cantu PLLC, a Houston-based US law firm, as part of a ransomware incident. The claim highlights the firm’s focus on corporate services, including Corporate Law, Real Estate, Mergers and Acquisitions, and Securities, and suggests potential disruption to client services and data. #UnitedStates
The ransomware claim targets the victim identified as N*X*** ** I**r****c****, and attributes the attack to the actor nightspire. Data is not available now. #Unknown
The claim alleges that the threat actor nightspire compromised KLEIN IBERICA SA in Spain and exfiltrated internal documents and financial data. Internal documents and financial data are cited as the assets targeted for ransom leverage. #Spain
A ransomware claim attributes an attack against Environmental Air, Inc. to the threat actor dragonforce, alleging encryption and operational disruption in Pittsburgh and Western Pennsylvania. Environmental Air, a long-standing provider of sheet metal fabrication, custom ductwork fittings, welding, and HVAC installation for hospitals, institutions, and retail spaces, is described in the claim as the victim affected by the incident. #UnitedStates
Handala’s ransomware claim asserts that INSS’s national security is built on deception, media manipulation, and the brainwashing of Jews. It questions how Israel’s security establishment could end the war in just a few days and warns that this time there will be no end, declaring a war between good and evil. #Israel
Napolin Law Firm reports a ransomware claim attributed to the actor incransom, targeting the firm in the United States. The incident is described as encrypting systems and potentially exposing client data, impacting operations across the United States. #UnitedStates
Verlat Energy reports a ransomware claim attributed to vect, involving 238GB of data in the Energy sector. Negotiations are ongoing with a deadline of 22d 3h. #Unknown
AiLock, a ransomware threat actor, claims to have compromised Demanor AS, a company that specializes in customized goods lifts and lifting machines tailored to the specific needs of their clients. The country of the incident is not disclosed. #Unknown
Nightspire claims to have compromised Union Laitiere de la Meuse in France in a ransomware operation. Data is not available now #France
Qilin claims responsibility for a ransomware incident targeting Grupo D’arc in Mexico. The claim provides attribution with limited detail #Mexico
Rhysida claims a ransomware incident affecting Southold Town Senior Services and the Southold Police Department, disrupting access to forms, online payments, and resident notifications. The Town of Southold, New York is assessing the breach and working to restore services for residents. #UnitedStates
thegentlemen’s ransomware claim alleges they have compromised Ricopia in Spain, threatening access to the company’s systems and data. Ricopia is a long-standing tech services firm with over 100 experts who help businesses upgrade technology and work smarter, trusted by ING Direct and BNP Paribas. #Spain
The ransomware claim states that Afezo B.V. was victimized by the threat actor thegentlemen. It describes encrypted systems and potential data leakage affecting their urban sewer and infrastructure projects in Amsterdam and the Zaanstreek. #Netherlands