Worldleaks claims to have breached Leighton, a multinational construction company, encrypting core systems and exfiltrating sensitive project data tied to its GB-based operations in a ransomware attack. The threat actor demands a ransom and threatens to release the stolen files if Leighton does not pay, potentially impacting UK projects. #UnitedKingdom
Incident Details
- Victim: Leighton
- Sector: Construction
- Country: GB
- Actor: worldleaks
- Source: https://worldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onion/companies/1504221778
- Discovered: 2026-03-27 17:37:10.835528
- Published: 2026-03-27 15:33:33.000000
Information
- Multinational construction company
- Undertakes major construction, infrastructure, telecommunications and engineering works worldwide
- Previously known as Leighton Contractors; rebranded as CIMIC Group in 2015
- Has completed notable large-scale building, infrastructure, civil and mining projects globally
Disclaimer: This post is based on public claims made by the ransomware group "worldleaks". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.