Pollo Cibao, a Dominican Republic-based poultry producer and processor with over 1,800 direct employees, is identified as the victim in a ransomware claim attributed to thegentlemen. The claim notes Pollo Cibao’s involvement in incubation, raising, fattening, processing of poultry and manufacturing of animal feed, with the Dominican Republic identified as the impacted country. #DominicanRepublic
Category: Ransom Monitor
The ransomware claim alleges that the threat actor thegentlemen targeted True Value in the United States. Details of the incident are sparse and no ransom amount, method, or timeline is confirmed. #UnitedStates
The ransomware claim asserts that the threat actor qilin compromised Grupo Tomza in Mexico, encrypting systems as part of the attack. There are no available details on ransom demands, data leakage, or the extent of the incident. #Mexico
Bluefish Dental & Orthodontics in the United States reportedly faced a ransomware claim attributed to the actor qilin. The claim involves data encryption and potential extortion by qilin against the US-based practice #UnitedStates
Anubis claims a data breach involving Micaforce Technology in China, tied to the cloud provider’s clients. The claim notes that client data stored with the cloud provider may have been exposed.
#China
The ransomware claim targets onlinedivorcetexas.com, attributed to threat actor killsec, with price listed as ??? and disclosures 0/1. Impacted country: United States #UnitedStates
qilin claims it compromised Madison Services, Inc. in the United States and deployed ransomware, encrypting files across its systems. The claim references data exfiltration and a ransom demand, but there is no independent verification. #UnitedStates
LaBaguette is identified as the ransomware victim in a claim attributed to the threat actor qilin. The report provides no country information for the incident. #unknown
Akira, a threat actor, is claiming a ransomware operation against McFarlane Agencies, an independent insurance brokerage in Okotoks, Alberta, with a threat to upload 10 GB of corporate data. The attackers warn of exposure of detailed clients’ personal documents (SSNs, passports, driver’s licenses, addresses, phone numbers), employee data, financials, client files, and NDAs, signaling an imminent data breach in Canada. #Canada
Altalingua, a leading multilingual technical documentation provider for automotive and mechanical engineering sectors, has been targeted in a ransomware claim by the threat actor ‘lynx’ in Spain. Lynx claims to have compromised Altalingua’s systems and threatens to release stolen data or disrupt services unless their demands are met #Spain
The Cherokee Group reports a ransomware claim by the threat actor akira, threatening to upload corporate data soon, including employee personal documents, financials, projects, drawings, specifications, and NDAs. Fabcon manufactures and erects precast concrete wall panels for every type of structure, with projects ranging from a 10,000 square-foot machine shop to a 1,000,000 square-foot distribution center and a 16-story housing facility. #UnitedStates
The ransomware claim alleges that threat actor Akira will upload nearly 190 GB of Fabcon’s corporate data, including client information, employee personal documents (passports, SSNs, DLs), detailed financials, confidential project files, and NDAs. Kerkstra Precast data is also expected to be disclosed. #UnitedStates
Qilin claims to have executed a ransomware attack on ABAR S.p.A., an Italian company, encrypting systems and threatening data leakage. The claim provides limited details and has not been independently verified. #Italy
The ransomware claim identifies tengu as the threat actor behind an attack on Shora Advisory, a Morocco-based network of accounting, consulting, and auditing firms. The incident targets Shora Advisory across major Moroccan cities, disrupting its financial management, accounting, legal and tax services #Morocco
GrayMatter, a Bangalore-based IT company specializing in data analytics, AI, and BI with flagship products like Skateboard and StoreSense, is the alleged victim of a ransomware operation attributed to Sinobi. The claim indicates the incident impacted operations in the United Kingdom #UnitedKingdom