According to the ransomware claim, the threat actor nightspire compromised OEC Medical Systems, Inc in the United States and encrypted multiple systems on their network. The claim also states that data was exfiltrated and a ransom was demanded for decryption and non-disclosure. #UnitedStates
Category: Ransom Monitor
The Trevino Group, Inc., in the United States, reports a ransom claim by the actor incransom, who purports to have collected confidential documents, client data, NDA documents, financial data, operations information, corporate data, business agreements, drawings, and other highly sensitive materials. The actor threatens to publish or monetize the data unless a ransom is paid #UnitedStates
Uniflex Technology Inc. reports a ransomware incident attributed to the threat actor incransom, claiming 430GB of confidential data was exfiltrated and will be fully published within two weeks. The leaked material includes client data, agreements, drawings, contracts, and technical documentation from major clients such as Asus, BMW, Mercedes-Benz, Dell, Volkswagen, Wacom, Innolux, ELAN Microelectronics, Netronix, Solomon Systech, and others, potentially impacting operations in Taiwan. #Taiwan
Un reclamo de ransomware atribuido al grupo tengu señala a Disuelas JC SAS en Colombia como víctima, alegando haber cifrado datos de la empresa. La dirección principal proporcionada es CALLE 26 SUR 29 49 en la ciudad de BOGOTA, BOGOTA, y el teléfono 6016296011; la empresa se dedica a la fabricación de partes del calzado #colombia
A ransomware claim lists Mills Products as the victim, attributed to the threat actor qilin in the United States. Details are sparse (N/A) regarding ransom demands, encryption method, or incident impact. #UnitedStates
Vitosha Park Hotel in Bulgaria reports a ransomware incident attributed to the threat actor Anubis, resulting in an employee data breach. The incident is under investigation to determine the scope of data exposure and to implement containment measures. #Bulgaria
Langley Twigg Law in New Zealand was targeted by the ransomware gang Anubis, resulting in a personal and corporate data breach. The incident claim states that Anubis breached both personal and corporate data for Langley Twigg Law, affecting entities in New Zealand #NewZealand
Qilin claims a ransomware incident against Centrotherm International in Germany. No additional details about the impact, methodology, or data exfiltration are provided (N/A). #Germany
The ransomware claim identifies WRENLAWFIRM.COM as the victim and attributes the incident to the clop group. The description notes standard ransomware behavior and potential data exposure, and is AI-generated ‘N/A’. #Unknown
Threat actor Handala claims the youths of resistance have their eyes wide open and will respond fiercely when the time comes. The message foresees the rise of the leopard signaling the sunset of the lions and asserts that the Pharaohs of our era will realize the strength they hold. #Palestine
Rhysida claims to have compromised Cytek Biosciences, a US-based cell analysis solutions company. The group states that all data was sold and threatens further data releases, promising to upload new companies later #UnitedStates
Nightspire claims a ransomware incident targeting The Successful Match, involving The Successful Match (MD2B). The claim identifies the United States as the impacted country #UnitedStates
ADIFSE.com.ar, the Administración de Infraestructuras Ferroviarias Sociedad del Estado, a state-owned railway infrastructure company in Argentina, is named in a ransomware claim. The claim attributes the attack to safepay, the threat actor behind this incident in Argentina. #Argentina
MBM, a Polish company specializing in professional training, compliance support, and the implementation of mandatory procedures for both public institutions and private organizations, reports a ransomware claim attributed to the threat actor thegentlemen. The incident underscores the need for robust data protection and GDPR-aligned practices across MBM’s services.
#Poland
Safepay claims to have compromised LC Publishing Group S.p.A., a Milan-based international digital publishing and information services company operating lcpublishinggroup.com. The claim describes ransomware activity, including file encryption and potential data exfiltration, reportedly impacting operations in Italy. #Italy