Ransomware claim alleges that the threat actor kairos compromised Strata Republic, a Sydney- and Byron Bay-based strata management company, encrypting systems and demanding a ransom to restore access. The claim describes disruptions to residential and commercial strata services across New South Wales and highlights Strata Republic’s reliance on technology-enabled solutions. #Australia
Category: Ransom Monitor
Limkon is listed as the victim in this ransomware claim, with the country unspecified. The claim attributes the attack to threat actor qilin, with N/A for additional context #Unknown
Guesty reports a ransomware claim attributed to the LITELLM/TRIVY CAMPAIGN (TEAMPCP) and vect, with approximately 700GB of data exfiltrated, including the userbase and Airbnb/Booking.com information, while negotiations are ongoing. Approximately 4 million emails with attachments were sent or received, and a 9d 8h deadline applies to the breach affecting the property management sector’s internal projects #Israel
S&PGLOBAL is the victim in a ransomware claim tied to the LiteLLM/Trivy campaign (TeamPCP) attributed to vect, involving 250GB of data from the Business Services sector including internal projects, secrets, and API keys. Negotiations with threat actor vect are ongoing, with a deadline of 8d 8h. #UnitedStates
Dragonforce claims to have compromised Empower Group, a hub for clients to access a range of funding products and working capital through partnerships with more than 40 private finance institutions. The claim indicates service disruption and potential data exposure affecting Empower Group’s clients, business owners, and lenders connected through its network. #Unknown
A ransomware claim targets TFE Group, an Architecture, Engineering & Design firm in Australia, with the threat actor listed as payload. The incident attributes the attack to payload and notes Australia as the impacted country #Australia
A ransomware claim targets orientalweavers.com, alleging a payload was deployed against the Cairo-based textile manufacturer established in 1979. Oriental Weavers produces rugs, carpets, upholstery, and related textiles, and is headquartered in Cairo, Egypt. #Egypt
Sunlight Express Airways is the victim in a ransomware claim where a payload was used to encrypt core IT systems supporting ticketing, reservations, and the Sunlight Miles loyalty program. The claim also indicates data exfiltration and extortion, with threats to publicly disclose passenger and operational data unless a ransom is paid. #Philippines
Marino Food Products Pvt Ltd, a Hyderabad-based bakery company known for biscuits, cookies, cakes, and breads, reported a ransomware incident in which a payload encrypted critical files and disrupted online ordering and retail operations. The claim links the incident to the LK designation, indicating Sri Lanka as the impacted country. #SriLanka
The ransomware claim targets Franziskusschule Wilhelmshaven, a Catholic school in Wilhelmshaven, Germany, attributed to the payload threat actor. This incident underscores the risk to educational institutions in Germany from the payload-led ransomware campaigns. #Germany
Biotehnos, a Romanian pharmaceutical company, claims it was hit by a ransomware incident attributed to the threat actor lamashtu. The claim indicates the attack affected its operations in Romania #Romania
The SilentRansomGroup claims to have breached Harris Beach Murtha, a U.S.-based law firm, encrypting files and threatening to publish sensitive client data unless a ransom is paid. The incident is described as causing operational disruption for the firm and potentially exposing confidential information, reflecting a targeted ransomware claim against a northeastern U.S. law practice. #NewZealand
Qilin claims to have compromised Clearwater Marine Aquarium in the United States, encrypting files as part of the attack. The claim also threatens the release of exfiltrated data unless a ransom is paid, with no further details provided. #UnitedStates
The claim states that the threat actor Kairos compromised FriendlyCare Pharmacy in Australia, encrypting systems and potentially exfiltrating customer data. A ransom demand was reportedly issued, with threats of public disclosure if payment is not received. #australia
Interlock claims to have breached the University of Warsaw’s Faculty of Management, exposing data on students, instructors, and leading professors, as well as student projects and papers, due to weak security and unreliable data storage. The breach underscores vulnerabilities in academic data management in Poland #Poland