Ransomware Victims on Dark Web – 05th March, 2025

Ransomware Victims on Dark Web – 04th March, 2025

    This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ransomware attacks and the often-redacted information publicly available, details may be limited in some cases. The information presented here is compiled from publicly available sources and should not be considered exhaustive.

    Note: No files or stolen information are hosted or disclosed in this report. Any legal issues relating to the content of the files should be directed to the attackers. This summary is solely for informational purposes.

    Andreyev Engineering – Ransomhub

    Threat Actor: Ransomhub
    Victim: andreyevengineering.com
    Industry: Engineering Services
    Details of Breach: The ransomware leak page for Andreyev Engineering indicates a significant incident involving the company. Specific details about the nature of the compromise remain undisclosed, but the page features four images that suggest visual content related to internal documents may have been leaked. The absence of download links implies that the information is presentational, aimed at motivating action through visibility of compromised materials. This breach underscores the importance of cybersecurity for organizations in the engineering sector.


    Family Community Health Center – Ransomhub

    Threat Actor: Ransomhub
    Victim: familychc.com
    Industry: Healthcare
    Details of Breach: The leak page for Family Community Health Center contains a series of eight images related to the ransomware incident. Specific details regarding the content of these images are not disclosed, and the absence of text suggests that information is primarily conveyed visually. No download links are available, indicating a focus on displaying the ransomware’s extortion materials without providing direct access to sensitive data. This incident highlights significant cybersecurity concerns in the healthcare sector.


    Cimenyan Desa – Funksec

    Threat Actor: Funksec
    Victim: cimenyan.desa.id
    Industry: Local Government (Village Website)
    Details of Breach: The ransomware leak page for the domain cimenyan.desa.id indicates a breach involving an Indonesian village website. The incident suggests that the site may have vulnerabilities exploited by malicious actors. Only two users are reported to have been affected, and while a screenshot related to the domain is available, specific operational insights are lacking. This breach emphasizes the potential risks to local governmental entities.


    InternetWay – APOS

    Threat Actor: APOS
    Victim: InternetWay
    Industry: Telecommunications
    Details of Breach: The ransomware leak for InternetWay reveals a serious incident within the telecommunications industry. Although specific details about the compromise are undisclosed, the leak indicates that sensitive data may have been accessed. Screenshots related to the attack illustrate aspects of the leak without providing explicit details about the compromised data. The attack raises concerns about data security and the implications for the broader telecommunications network.


    Netcom-World – APOS

    Threat Actor: APOS
    Victim: Netcom-World
    Industry: Telecommunications
    Details of Breach: The leak page for Netcom-World describes a ransomware attack impacting the telecommunications sector. Specific details regarding the nature of the compromise remain undisclosed, but the incident was discovered on March 4, 2025. Screenshots related to the attack suggest the presence of sensitive internal information, raising concerns about data security and potential operational disruptions.


    Ewald Consulting – BianLian

    Threat Actor: BianLian
    Victim: Ewald Consulting
    Industry: Accounting
    Details of Breach: The ransomware leak page for Ewald Consulting focuses on the company’s specialization in Housing Accounting Training and Subsidized Housing Accounting. While the page highlights engagement opportunities for professionals, it lacks identifiable download links or explicit content leaks. The absence of images limits visual analysis, and the communication methods reflect a typical practice among ransomware groups to maintain anonymity.


    Iovate Health Sciences – Clop

    Threat Actor: Clop
    Victim: Iovate.com
    Industry: Health Supplements
    Details of Breach: The ransomware leak page for Iovate Health Sciences indicates that the company specializing in dietary and health supplements has been compromised. The leak highlights potential vulnerabilities linked to Iovate’s online presence. While specific sensitive data is not disclosed, concerns regarding the company’s internal documents and client information have been raised. A screenshot is included, emphasizing the serious nature of the incident.


    Legal Aid Society of Salt Lake – BianLian

    Threat Actor: BianLian
    Victim: Legal Aid Society of Salt Lake
    Industry: Non-Profit Legal Services
    Details of Breach: The ransomware leak page for the Legal Aid Society of Salt Lake provides information about the organization, which offers free legal representation for low-income families. The leak indicates a collaborative opportunity for various professionals but lacks specific details about the nature of the compromise. No download links or images are present, ensuring that sensitive data remains protected.


    Rockhill Women’s Care – Qilin

    Threat Actor: Qilin
    Victim: rockhillwc.com
    Industry: Healthcare
    Details of Breach: The ransomware leak page for Rockhill Women’s Care indicates that all company data is set to be available for download on March 11, 2025. The organization provides comprehensive OB/GYN services and has a strong commitment to quality patient care. The future download date suggests a significant breach that may impact the privacy and security of their clientele.


    Goencon – Ransomhub

    Threat Actor: Ransomhub
    Victim: goencon.com
    Industry: Heating & A/C
    Details of Breach: The ransomware leak page for Goencon provides an overview of the data breach affecting the entity. It features five images that may include visual content related to internal documents. The absence of download links suggests that the information is presented primarily for public exposure rather than direct access to sensitive files. The lack of detailed text indicates a serious compromise that could involve critical internal documents or communications.


    Peruzzi – Qilin

    Threat Actor: Qilin
    Victim: peruzzi.com
    Industry: Automotive Sales
    Details of Breach: The ransomware leak page for Peruzzi Auto Group reveals that all company data will be made available for download on March 11, 2025. The company specializes in a wide selection of new and used vehicles and has raised concerns about the potential exposure of sensitive information related to both the company and its customers. The leak includes a screenshot showcasing the ransom demand but lacks explicit details about the nature of the compromised data.


    BPM Microsystems – Qilin

    Threat Actor: Qilin
    Victim: bpmmicro.com
    Industry: Technology
    Details of Breach: The ransomware leak concerning BPM Microsystems indicates a significant data breach affecting the company. All data is scheduled to be available for download on March 11, 2025. The company, known for manufacturing device programmers, faces serious risks as sensitive information may be compromised. A screenshot illustrating aspects of the breach is available, underscoring the urgency for enhanced cybersecurity measures.


    Seabank Group – Lynx

    Threat Actor: Lynx
    Victim: Seabank Group
    Industry: Hospitality and Tourism
    Details of Breach: The leak page for Seabank Group highlights a data breach involving this Malta-based company. The breach potentially exposes sensitive operational data, impacting customer trust and the company’s integrity. The page does not provide download links or images, emphasizing the urgency and seriousness of the incident without revealing specific sensitive details.


    Wendy Wu Tours – Killsec

    Threat Actor: Killsec
    Victim: Wendy Wu Tours
    Industry: Travel and Tourism
    Details of Breach: The ransomware leak page for Wendy Wu Tours indicates a significant breach affecting the hospitality and tourism sector. While specific details about the data compromised are not provided, the incident raises concerns about the exposure of sensitive information related to customer bookings and personal data. The potential impact on the company’s reputation is considerable given the sensitive nature of the travel industry.


    Tata Technologies – Hunters

    Threat Actor: Hunters
    Victim: Tata Technologies
    Industry: Engineering Services
    Details of Breach: The ransomware leak page for Tata Technologies indicates a data exfiltration incident affecting the company. Although specific details regarding the nature of the compromised data are not disclosed, evidence suggests that sensitive information may have been accessible during the breach. The implications for the company and its stakeholders are significant, emphasizing the need for robust cybersecurity measures in the engineering sector.


    Ray Fogg Corporate Properties – Akira

    Threat Actor: Akira
    Victim: Ray Fogg Corporate Properties
    Industry: Real Estate
    Details of Breach: The ransomware leak for Ray Fogg Corporate Properties reveals that over 75 GB of crucial corporate documents are at risk, including sensitive financial data and employee/customer contact information. The incident could have extensive repercussions for the company. The lack of images or direct download links does not diminish the severity of the situation as the exposure of critical internal data remains a serious concern.


    Grupo Baston Aerossol – Fog

    Threat Actor: Fog
    Victim: Grupo Baston Aerossol
    Industry: Manufacturing
    Details of Breach: The ransomware leak page for Grupo Baston Aerossol indicates a significant data breach with approximately 88.3 GB of sensitive information compromised. The leaked data includes internal financial documents and corporate confidential materials, potentially affecting the organization and its stakeholders. The absence of download links or images on the leak page emphasizes the seriousness of the breach while protecting sensitive data from public exposure.


    Keystone Pacific Property Management LLC – BianLian

    Threat Actor: BianLian
    Victim: Keystone Pacific Property Management LLC
    Industry: Property Management
    Details of Breach: The ransomware leak page for Keystone Pacific outlines that the company manages over 60,000 units in Southern California. The breach reveals that approximately 4.5 terabytes of sensitive data may be at risk, including internal documents and leadership information. The lack of downloadable content or images indicates a focus on highlighting the breach’s severity without exposing sensitive files.


    Mosley Glick O’Brien, Inc. – BianLian

    Threat Actor: BianLian
    Victim: Mosley Glick O’Brien, Inc.
    Industry: Accounting
    Details of Breach: The ransomware leak page for Mosley Glick O’Brien, Inc. indicates that this certified public accounting firm, based in Toledo, Ohio, serves a diverse range of clients, including established businesses, start-ups, and non-profits. The firm focuses on various industries such as construction and manufacturing. Although the leak suggests a significant data breach with approximately 1.2 TB of data at risk, no download links or explicit content leaks were provided. Key personnel are mentioned, reflecting the firm’s organizational structure and commitment to quality services.


    FANTIN Group – Akira

    Threat Actor: Akira
    Victim: FANTIN Group
    Industry: Manufacturing
    Details of Breach: The ransomware leak associated with Falegnameria Fantin reveals a significant data breach affecting the company. More than 14 GB of sensitive information is at risk, including employee and customer contact details, financial data, and confidential agreements. The leak underscores serious risks to personal privacy and corporate security. While no specific URLs or download links are provided, the incident raises concerns about the potential implications of the compromised data.


    Pampili – Fog

    Threat Actor: Fog
    Victim: Pampili
    Industry: Children’s Products
    Details of Breach: The ransomware leak page for Pampili indicates a data breach involving approximately 36.3 GB of sensitive information. The company specializes in products for female children and reports significant revenue of around $538.9 million. Compromised data includes employee CPF numbers and corporate confidential documents. The leak raises serious concerns regarding the privacy of affected individuals and the company’s operational integrity, with no download links or images provided on the page.


    PFS Grupo – Qilin

    Threat Actor: Qilin
    Victim: PFS Grupo
    Industry: Consultancy
    Details of Breach: The ransomware leak page for PFS Grupo highlights the company’s commitment to innovation and its operational strategies. While specific compromise details are unspecified, the leak was discovered on March 4, 2025. A screenshot related to the organization’s material is included, but sensitive data has been sanitized. The absence of download links indicates potential risks associated with the exposure of information that could impact PFS Grupo’s operations and client trust.


    365labs – Security Corp – Monti

    Threat Actor: Monti
    Victim: 365labs – Security Corp
    Industry: Security Services
    Details of Breach: The leak page for 365labs – Security Corp categorizes the incident as a “full leak,” indicating significant data exposure. While specific details are sparse, the page mentions a total of 172 views, suggesting public interest in the breach. The absence of download links implies that the leak is presented primarily for exposure rather than direct access to sensitive files. This situation highlights the ongoing challenges organizations face regarding data security in the cybersecurity sector.


    Summary

    Victim | Threat Actor | Industry | Details of Breach
    --- | --- | --- | ---
    Andreyev Engineering | Ransomhub | Engineering Services | Visual content leak; no download links available.
    Family Community Health Center | Ransomhub | Healthcare | Eight images related to the incident; no download links available.
    Cimenyan Desa | Funksec | Local Government | Breach indicates vulnerabilities; minimal user impact.
    InternetWay | APOS | Telecommunications | Serious incident; sensitive data accessed; screenshots available.
    Netcom-World | APOS | Telecommunications | Ransomware attack discovered on March 4; screenshots of sensitive data.
    Ewald Consulting | BianLian | Accounting | Engagement opportunities; no sensitive data leaks.
    Iovate Health Sciences | Clop | Health Supplements | Compromise of internal documents; screenshot included.
    Legal Aid Society of Salt Lake | BianLian | Non-Profit Legal Services | Collaborative opportunities; no sensitive data leaks.
    Rockhill Women’s Care | Qilin | Healthcare | Data set for download on March 11; significant privacy concerns.
    Goencon | Ransomhub | Heating & A/C | Visual content leak; no download links available.
    Peruzzi | Qilin | Automotive Sales | Data available for download on March 11; sensitive customer information at risk.
    BPM Microsystems | Qilin | Technology | Significant breach; data available for download on March 11.
    Seabank Group | Lynx | Hospitality and Tourism | Potential exposure of operational data; no download links available.
    Wendy Wu Tours | Killsec | Travel and Tourism | Significant breach; concerns about customer data exposure.
    Tata Technologies | Hunters | Engineering Services | Data exfiltration incident; sensitive information potentially accessed.
    Ray Fogg Corporate Properties | Akira | Real Estate | 75 GB of documents at risk; sensitive financial data exposed.
    Grupo Baston Aerossol | Fog | Manufacturing | 88.3 GB of sensitive information compromised; no download links available.
    Keystone Pacific Property Management LLC | BianLian | Property Management | 4.5 terabytes of data at risk; focus on severity of breach without exposing files.
    Mosley Glick O’Brien, Inc. | BianLian | Accounting | 1.2 TB of data at risk; no download links provided.
    FANTIN Group | Akira | Manufacturing | 14 GB of sensitive information compromised; risks to privacy and security.
    Pampili | Fog | Children’s Products | 36.3 GB of data exposed; includes sensitive employee information.
    PFS Grupo | Qilin | Consultancy | Commitment to innovation; sanitized data; no download links available.
    365labs – Security Corp | Monti | Security Services | Full leak indicated; significant public interest; no direct access to sensitive files.
    Law Diary (USA) | Skira | Legal Support Services | Potential exposure of sensitive legal data; screenshot included.
    Krisala Developer (India) | Skira | Real Estate | Significant breach; sensitive project data at risk; screenshot available.
    City Government Office in Van (Turkey) | Skira | Local Government | Potential data exposure; critical for public administration; details unspecified.
    The 19 Biggest Gitlabs | Fog | Multiple | Generic catalog of victims; no specific details or download links.
    Eumetsat | Fog | Meteorological Services | Multiple organizations affected; lack of specific compromise details.
    Blue Planet | Fog | Technology Consulting | Directory of organizations with no explicit details about breaches.
    Melexis | Fog | Technology | List of organizations; no specific details or images provided.
    Inelmatic | Fog | Manufacturing | Data breach indication; focus on listing organizations without sensitive data.
    Kr3m | Fog | Media and Gaming | Compilation of organizations; no specific details or download links provided.
    Kotliva | Fog | Agriculture | List of victims; lacks detailed descriptions of breaches.
    Elite Advanced Laser Corporation | Akira | Manufacturing | 90 GB of sensitive data compromised; download instructions provided.
    Flightsim Studio | Fog | Software Development | General overview of impacted entities; no specific breach details.
    Euranova | Fog | Computer support and services | Compilation of organizations; lacks specific details about data compromise.
    Neopoly | Fog | Software provider | Structured listing of potential victims; no download links or images.
    Aeonsparx | Fog | Game development | List of organizations with links; no explicit breach details.
    FHNW | Fog | Education | Vague details about potential incidents; no images or download links.
    Manning Publications Co. | Fog | Publishing | Broad listing of companies; no specific breach information disclosed.
    Bizcode | Fog | Unknown | Compilation of organizations; no specific details or download links provided.
    1X Internet | Fog | Unknown | List of victims; lacks detailed descriptions of breaches.
    Engikam | Fog | Unknown | Directory of organizations; no specific breach information disclosed.