Threat actor incransom claims to have compromised Sanver Forte (sanver.com.mx), a major hardware wholesaler in Mexico, potentially exfiltrating sensitive financial and operational data. The ransom note reportedly demands payment to prevent data release and to avoid disruption to customers and operations. #Mexico
Incident Details
- Victim: sanver.com.mx
- Sector: Business Services
- Country: MX
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/69f91d448f1d14b74359fb5d
- Discovered: 2026-05-05T01:53:55.943892+00:00
- Published: 2026-05-04T15:27:00+00:00
Information
- Sanver Forte: leading hardware wholesaler with over 30 years of experience
- Serves the northeastern, central, and Bajío regions of Mexico
- Offers a wide range of hardware and construction products and services
- Focuses on timely deliveries and excellent customer service
- Mission: simplify distribution of leading brands to ensure satisfaction and profitability for customers, collaborators, and shareholders
- Aim: to be the most comprehensive and secure provider of hardware and home preservation products, contributing to employee and community growth
- Employees: 1,000
- Revenue: $30 million
- Industry: Home Improvement & Hardware Retail
- Phone: +52 7898933030
- Ransomware incident attributed to the actor incransom
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.