Note: No files or stolen information are hosted or disclosed in this report. Any legal issues relating to the content of the files should be directed at the attackers directly. This summary is solely for informational purposes.

C.I. Scientific Pty Ltd – Lynx

Threat Actor: Lynx
Victim: ciscientific.com.au
Industry: Technology
Details of Breach: The ransomware leak page for C.I. Scientific Pty Ltd indicates a significant security compromise affecting the organization, which specializes in the repair, maintenance, and calibration of scientific equipment. The incident, discovered on March 11, 2025, suggests potential exposure of sensitive operational data. A screenshot shows aspects of the compromised information, although no specific user data was reported as compromised.

Springfield Water and Sewer Commission – Lynx

Threat Actor: Lynx
Victim: Springfield Water and Sewer Commission
Industry: Public Services
Details of Breach: The ransomware leak page for the Springfield Water and Sewer Commission reveals the exposure of operational documents that could impact public safety. Discovered on March 11, 2025, the incident raises concerns about the security of sensitive information within public sector organizations. A screenshot indicates the seriousness of the breach, though specifics about the data compromised are not detailed.

Ultimate Class Limo – Safepay

Threat Actor: Safepay
Victim: ultimateclasslimo.com
Industry: Transportation
Details of Breach: The leak page for Ultimate Class Limo suggests a ransomware attack affecting the company’s operations. Discovered on March 11, 2025, the page indicates no identifiable user or employee data was compromised, focusing instead on the company’s operational details. There are no specific download links or images available, ensuring confidentiality regarding sensitive information.

Jockeysalud – Safepay

Threat Actor: Safepay
Victim: jockeysalud.com.pe
Industry: Healthcare
Details of Breach: The ransomware leak page for Jockeysalud indicates a serious security incident affecting their health services in Lima, Peru. Discovered on March 11, 2025, the leak suggests potential exposure of sensitive patient information. The page includes infostealer statistics and mentions various tools used in the breach, highlighting the active threat landscape in the healthcare sector.

Haven Resorts – Safepay

Threat Actor: Safepay
Victim: havenresorts.com
Industry: Hospitality
Details of Breach: The leak page for Haven Resorts outlines a data breach impacting their operations. Discovered on March 11, 2025, the page indicates potential risks to sensitive data related to customer accommodations and services. Various statistics about the company’s data security and user interactions are provided, reflecting ongoing vulnerabilities in the hospitality sector.

Trading Academy – Safepay

Threat Actor: Safepay
Victim: tradingacademy.com
Industry: Education
Details of Breach: The ransomware leak page for Trading Academy reveals a significant data breach involving 451 affected user accounts. Discovered on March 11, 2025, the leak suggests that sensitive information may have been compromised, with references to various infostealers like RedLine and Raccoon. The incident raises concerns regarding cybersecurity in educational institutions.

LGIPR – Safepay

Threat Actor: Safepay
Victim: lgipr.com
Industry: Intellectual Property
Details of Breach: The ransomware leak page for LGIPR indicates a compromise involving sensitive organizational data. Discovered on March 11, 2025, the leak suggests unauthorized access to internal documents, though no specific user data was reported as compromised. The absence of download links ensures that sensitive information remains confidential.

Motomecanica – Safepay

Threat Actor: Safepay
Victim: motomecanica.com
Industry: Maritime
Details of Breach: The ransomware leak page for Motomecanica highlights the company’s expertise in maritime equipment. Discovered on March 12, 2025, the leak indicates that a few user accounts were affected by infostealer activity. While no sensitive information was disclosed, the incident emphasizes the importance of cybersecurity in the maritime industry.

Skyward Specialty Insurance – Killsec

Threat Actor: Killsec
Victim: Skyward Specialty Insurance
Industry: Financial Services
Details of Breach: The ransomware leak page for Skyward Specialty Insurance indicates a significant security breach that may expose sensitive internal data. Discovered on March 11, 2025, the page includes a screenshot representing the organization’s website, highlighting the potential risks to client trust and the integrity of operations in the financial sector.

Cali Los Olivos – Safepay

Threat Actor: Safepay
Victim: cali.losolivos.co
Industry: Funeral Services
Details of Breach: The ransomware leak page for Cali Los Olivos indicates a serious security incident involving the funeral services company in Colombia. Discovered on March 11, 2025, the leak raises concerns over data integrity and the potential exposure of sensitive operational information. While no specific details about the data compromised are provided, the involvement of the Safepay group suggests a targeted attack. A screenshot hints at the nature of the breach without offering explicit details.

Trymata – Killsec

Threat Actor: Killsec
Victim: Trymata
Industry: Technology
Details of Breach: The leak page for Trymata reveals potential exposure of sensitive information due to a ransomware attack. Published on March 11, 2025, the page indicates that specific details about the nature of the data leaks remain unspecified. A screenshot is included, but the implications of the breach for customers and operations are not fully detailed, emphasizing the need for enhanced cybersecurity measures.

Baykar – Babuk2

Threat Actor: Babuk2
Victim: Baykar
Industry: Defense
Details of Breach: The ransomware leak page for Baykar details a significant compromise involving sensitive company information within the defense sector. The attackers claim to have gained administrative access to the company’s management panel, potentially exposing critical employee and product data. The incident raises alarms about the security of sensitive information in the defense industry, with screenshots and a mention of social media implications noted.

Unimore – Funksec

Threat Actor: Funksec
Victim: unimore.it
Industry: Education
Details of Breach: The ransomware leak page for the University of Modena and Reggio Emilia (Unimore) highlights a serious data breach affecting the institution. The leak, discovered on March 11, 2025, suggests that approximately 1,000 files containing sensitive information have been compromised. The presence of infostealers like RedLine indicates a significant security threat, raising concerns about the protection of sensitive data in educational settings.

Hyponamiru – Arcusmedia

Threat Actor: Arcusmedia
Victim: Hyponamiru
Industry: Technology
Details of Breach: The leak page for Hyponamiru outlines the functionalities of their web application for managing mortgages. The page indicates a recent compromise with potential exposure of sensitive operational data. While specific details about the nature of the data involved were not disclosed, the mention of a screenshot suggests risks associated with data security.

Hypernova Telecom – Arcusmedia

Threat Actor: Arcusmedia
Victim: Hypernova Telecom
Industry: Telecommunications
Details of Breach: The ransomware leak page for Hypernova Telecom indicates a serious security incident affecting the company’s operations in providing internet services. The breach raises concerns about the potential exposure of sensitive data, although specifics regarding the nature of the compromise are not provided. The presence of a screenshot reinforces the severity of the situation.

Summary