Stephenson Ziegenhorn & Bernard reported a ransomware incident attributed to the threat actor qilin. The incident’s country of impact is not specified (N/A). #N/A
Category: Ransom Monitor
The ransomware claim identifies Sprokkit as the victim and qilin as the threat actor. The country of operation is not specified in the claim. #Unknown
This ransomware claim identifies INGUS as the victim in the Netherlands and attributes the incident to the threat actor qilin. Details are N/A regarding the attack #Netherlands
Qilin claims to have compromised Jcm Agricola and deployed ransomware across its network. The claim ties the operation to Spain. #Spain
A ransomware claim targets Polycom, a US-based technology company known for collaboration devices and video conferencing, attributed to threat actor Everest. The claim describes data encryption or extortion against Polycom’s systems, noting Polycom’s global presence and its 2018 acquisition by Plantronics. #countryUnitedStates
Incransom claims to have compromised Best Attorneys, a US-based contingency-fee law firm in South Jordan, Utah, threatening to encrypt internal files and leak stolen data unless a ransom is paid. The message cites the firm’s motto ‘Eisenberg Lowrance Lundell Lofgren is dedicated to your success’ and notes its practice areas in personal injury, immigration, and criminal defense. #UnitedStates
Ransomware claim targets Hosowaka Micron Group, a global industrial process machinery manufacturer, alleging the Everest threat actor encrypted systems and exfiltrated sensitive manufacturing data. The notification describes worldwide operations, with a strong presence in Europe and the Americas, and identifies Japan as the impacted country #Japan
Ransomware claims allege that Shinwa Co Ltd, a Japan-based company, was targeted by the threat actor Everest, potentially involving encryption of data or data exfiltration. The AI-generated overview describes Shinwa Co Ltd as a Japan-based civil engineering and construction firm headquartered in Osaka, with activities in disaster recovery, building construction, and real estate. #Japan
Thegentlemen claim a ransomware attack against Handsome Manufacturing, a Hong Kong-based OEM producer founded in 1968, with encrypted systems and a ransom demand. Handsome’s global partnerships and production facilities in China and Indonesia imply potential disruption to major brands and supply chains. #HongKong#China#Indonesia
The ransomware claim alleges Mullinax Ford was targeted by the DragonForce threat group, with systems in Apopka, Florida encrypted. The incident is attributed to the United States and linked to the DragonForce actor. #UnitedStates
The ransomware claim alleges that Hawk Law Group in Georgia was targeted by the threat actor incransom, potentially exposing confidential client data. The firm emphasizes its Augusta-area roots and more than 71 years of collective experience in civil and criminal litigation as it responds to the incident and seeks to safeguard its clients. #Georgia
The ransomware claim targets the SoCal ROC in the United States and is attributed to the threat actor qilin (N/A). Details on the scope and impact are limited. #UnitedStates
The ransomware claim alleges that thegentlemen targeted LawSoft, Inc., a provider of CAD, RMS, and Fire/EMS software for law enforcement, and threatened to disrupt operations or exfiltrate data unless a ransom was paid. The claim highlights LawSoft’s scalable, customizable software and 24/7 US-based support, implying these attributes could be affected by the attack #UnitedStates
Beacon Mutual Insurance Company, based in Warwick, RI and serving Rhode Island with operations in MA and CT, suffered a major data leak attributed to threat actor incransom, exposing approximately 275 GB of internal data. The leaked archive includes internal corporate documents, complete financial statements (2018β2025), full employee lists with personal details, confidential agreements, NDAs, vendor contracts, detailed workers’ compensation claims data, and PII of employees and claimants #UnitedStates
The claim attributes the ransomware to the tengu group and the Tahkout Group, citing targets such as skyegtours.com, KSP TLM, COMPAGNIE FONCIΓRE PARISIENNE, lenotech.com.ph, Jakarta, Nanyang School, and namico.go.ke, with all data reportedly compromised. The claim implies encryption or exfiltration of all data across these entities, with impacted country coverage including Indonesia, the Philippines, and Kenya. #Indonesia #Philippines #Kenya