The ransomware incident targeting Aptora in the US was claimed by the threat actor Dragonforce, alleging that both Aptora’s data and more than 100 client databases were taken from the company’s hosted infrastructure in Lenexa, Kansas. The group further indicated the stolen archives could be released to pressure Aptora leadership, despite Aptora reportedly denying any leak. #UnitedStates
Incident Details
- Victim: Aptora
- Sector: Technology
- Country: US
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=5d3ee0c2-d584-4a80-86ae-53328d19f87c
- Discovered: 2026-06-27T00:52:38.775641+00:00
- Published: 2026-06-27T00:40:24.116536+00:00
Information
- Aptora is an aggressively growing software company based in Lenexa, Kansas, offering award-winning software and consulting services for the service and contracting industries.
- In 2006, it was voted one of the top twenty-five companies in the Kansas City area by the Business Journal.
- The company also provides data hosting and processing services on its own infrastructure for clients.
- During the intrusion, both the company’s own data and client databases were taken.
- The company reportedly showed no interest in preserving client data, and clients were told there was no leak, which was false.
- For publication, archives include Aptora data as well as databases from more than 100 clients.
- This incident could impact Aptora’s leadership and may prompt efforts to stop publication.
Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.