All Ransomware Records

The headquarters is located in Sinzig/Rhine, where about 30 employees can rely on more than two decades of experience and can therefore assure a competent handling of our daily and future business. With more than 1.000 m2 office space and 1.500 m2 warehouse space, our headquarters also comprise our own development department as well as a highly modern production line, on which the tuning boxes are produced according to EC-Directives.Speed-Buster® sells its tuning boxes globally in more than 50 countries with high success and in high quantities. Our clients know and appreciate that the label made in Germany is a guarantee for sophisticated and high-quality products. As a support, local distributor bases are established all around the globe. Contrary to the current tendency amongst many of our competitors, SPEED-BUSTER has decided to solely produce in Germany. This allows us to intervene in a focused manner at any time of the manufacturing process and to continuously enhance our products. The loyalty of our customers has confirmed this decision time and again.

The National Fund for Educational Development (FNDE) is a federal agency under the Ministry of Education, responsible for implementing programs nationwide, including the National School Nutrition Program – PNAE, which serves 47 million students throughout the country, offering adequate and safe food in schools. Since its establishment, the FNDE has undergone several changes, which became more intense when the Brazilian government laid the groundwork for the formation of a substantive conception of education that pervades all levels of education and procedures. Thus, the agency was strengthened, especially with regard to the ongoing management of activities, projects and educational programs as a strategy to support the promotion of educational quality. Nowadays, besides the National School Nutrition Program - PNAE, the FNDE is responsible for implementing the Programs of School Transportation, National Textbook, School Direct Money, Brazil Literate, Pro-Youth, Joint Action Plan, Pro-Child, Decentralization and the Open University Credits.

The Dominican Agrarian Institute is a decentralized government agency under the Ministry of Agriculture,established by Law No. 5879 as of April 27, 1962, with the aim of carrying out agrarian reform programs throughout the national geography by seizing and distributing land to peasants to transform the structure and agricultural production, improving living conditions in a Dominican villages.

Founded in 1981. Moscone Center is headquartered in San Fransisco, California. Moscone Center is a meeting and exhibition facility

Alan Smith Pool Plastering, Inc. has been a swimming pool contractor, and an active member of the Orange County community, for over 30 years. As a Southern California pool specialist, we have completed tens of thousands of renovation and new construction projects over the years for homeowners, developers, builders, and landscape architects. In addition to the renovation and new construction of pools, in late 2007 we launched a new division of the company devoted to backyard renovation. We can now provide you with the same quality and management oversight for your entire backyard design and landscaping project that built our reputation.

Currier Ryan is an independent boutique law firm based in Boston, Massachusetts, serving families in the greater Boston area with private client and estate planning legal services. The firm focuses on tax-efficient estate plans, estate administration, lifetime gifting, fiduciary services, and trust administration. Its practice is centered on helping clients transfer assets and manage wealth across generations. Currier Ryan was listed as a ransomware victim associated with lockbit3.

Wheat Ridge is a city in Jefferson County, Colorado, in the United States, and it operates as a local government serving residents and businesses. Its official website lists city services including tax and licensing, building permits, public safety, parks and recreation, public works, planning, and community development. As a public sector entity, it provides municipal administration and frontline civic services for the Wheat Ridge community. It was listed as a ransomware victim associated with alphv.

ygboulons.com is the website of Spécialités Y.G., a family-owned industrial hardware business in Chicoutimi, Quebec. It sells bolts, fasteners, and related industrial supplies from 587, Rue des Actionnaires, serving customers in the Saguenay region. The company also provides contact, careers, and account pages through its French-language site. It was listed as a ransomware victim associated with LockBit3.

uplexis.com.br is the Brazilian website of upLexis, a technology company in the compliance and risk-management sector based in São Paulo, Brazil. Its upMiner platform helps organizations collect information on people and companies, support background checks, and streamline risk-analysis and due-diligence workflows. The company says it serves businesses and public-sector use cases with tools for governance, compliance, and fraud prevention. It was listed as a ransomware victim associated with lockbit3.

Embalajes Capsa S.L. is a Spanish commerce company based in Canet de Mar, Barcelona, specializing in the wholesale trade of cardboard packaging and related packaging products. It operates under the Capsa 2in1 brand and presents itself as a packaging solutions provider for e-commerce and other professional uses. The company lists its address in the Can Misser industrial area in Canet de Mar, Spain. It was listed as a ransomware victim associated with lockbit3.

AccionPlus is a leading human talent and outsourcing company headquartered in Bogotá, Colombia, founded in 1999 to provide services such as temporary staffing, trade marketing, headhunting, and payroll management. The firm operates across 16 cities nationwide, connecting workers with employers through dedicated recruitment and selection structures in each location. It offers comprehensive solutions including legal and labor advisory support, employee training, and productivity management for client companies. AccionPlus was listed as a ransomware victim associated with the LockBit3 threat actor.

Torin Drive, operating from Suzhou, China, is an equipment group founded in 1989 that integrates research, manufacturing, sales, and service. Its website and directory listings describe it as a specialized manufacturer and supplier of elevator traction machines and related drive equipment. The company’s online presence includes product and company information for domestic and international markets. torindrive.com was listed as a ransomware victim associated with BlackByte.

Grande Stevens International is an English law firm operating as an integrated international network with a prestigious Italian law firm, serving clients in Finance, Legal, and Insurance sectors across England and Italy. The firm offers specialized services including corporate law, banking and financial law, private wealth management, and international dispute resolution. Based in London with offices in Turin, Milan, and Rome, it functions as a boutique law firm delivering integrated legal solutions. The company was listed as a ransomware victim associated with the threat actor Blackbyte.

goodwillnm.org is the website of Goodwill Industries of New Mexico, a nonprofit based in Albuquerque, New Mexico. It operates thrift stores and donation centers while offering job training, employment services, and related community programs across the state. Its services include career training, youth employment support, and workforce programs tied to education and placement. The site was listed as a ransomware victim associated with LockBit3.

thininfra.nl is a Netherlands-based website associated with an organization in the Other sector. Publicly available information in the search results does not identify a specific product or service offering, so the entity can only be described generally from its domain and sector classification. The Netherlands has a diversified, service-oriented economy with significant activity in commercial services, technology, and innovation. In threat-intelligence catalogs, this entry is used to index the organization as a ransomware victim. It was listed as a ransomware victim associated with lockbit3.

StJohnVianney.org is the website for St. John Vianney Catholic Parish, which serves a faith community in the United States and provides parish life, worship, ministries, and related church information. The site also references ministry and campaign materials, reflecting a broader set of Catholic services and communications. In threat-intelligence catalogs, it was listed as a ransomware victim associated with LockBit3.

Steve Silva Plumbing, Inc. is a locally owned plumbing contractor based in Napa, California, serving Napa Valley since 1983. It provides residential and commercial plumbing services, including repairs, installations, new construction, and remodel work. Public business listings also describe the company as a full-scale plumbing provider with 24-hour availability. The company was listed as a ransomware victim associated with LockBit3.

statravel.de is associated with STA Travel, a travel brand in Germany that provides online travel services for students and young travelers, including flights and packaged trip options. Public company profiles describe it as part of the travel sector and indicate a German presence tied to Düsseldorf and other locations in Germany. Its offering centers on affordable, youth-oriented travel planning and booking. It was listed as a ransomware victim associated with lockbit3.

Sportlavit.nl is a Netherlands-based sport-medical wholesaler offering warming oils, cooling gels, and recovery products for athletes, physiotherapists, and massage professionals. The company, formerly known as Sport Lavit and now operating under the MediVit brand, has provided dermatologically tested body care solutions trusted by professionals and amateurs for over 50 years. Its product range includes items like Sport Gel Hot, Ice Sport Tonic, and Warm Up Body Oil, catering to fitness, therapy, and wellness sectors. Sportlavit.nl was neutrally listed as a ransomware victim associated with Lockbit3.

Perteet.com belongs to Perteet Inc., an award-winning infrastructure consulting firm based in Everett, Washington, in the United States. The company provides engineering and consulting services across transportation, energy, environmental, broadband, and related public-infrastructure work. Its services support community development and utility planning for clients in the Puget Sound region and beyond. It was listed as a ransomware victim associated with lockbit3.

microdepot.com is associated with Brico Dépôt, a French home-improvement retailer that sells DIY, hardware, paints, and glass products through large-format stores and its online catalogue. The company’s headquarters are in Longpont-sur-Orge, France, and it operates multiple locations across the country. Public business records and the retailer’s own site describe it as a nationwide commerce business in the other sector. It was listed as a ransomware victim associated with lockbit3.

Lenax.com is the website of Lenax Construction Services, a Los Angeles-based construction consulting firm. The company provides project controls, construction cost estimating, change order administration, scheduling, and document control for engineering, design, construction, and public sector clients. Its portfolio includes transportation and infrastructure work across the Los Angeles area. It was listed as a ransomware victim associated with LockBit3.

kkcsworld.com is the website of Kal Krishnan Consulting Services (KKCS), a California-based consulting and engineering firm. The company provides construction management, project management, and design services for infrastructure, facilities, and utilities work, with offices in multiple U.S. locations. Its business profile places it in the other sector rather than a single industry vertical. It was listed as a ransomware victim associated with LockBit3.

Galenica.ma is the website of Laboratoires GALENICA, a Morocco-based pharmaceutical company founded in 1978 and located in the Oulad Salah/Bouskoura industrial zone near Casablanca. It develops, manufactures, and supplies generic medicines and other healthcare products for the local market. The company also provides contact details and customer support through its official site. It was listed as a ransomware victim associated with LockBit3.

draperyconceptsny.com operates as a drapery and custom window treatment company serving clients in New York, specializing in tailored fabric solutions for residential and commercial spaces. The firm designs and manufactures draperies, blinds, and shades for contractors, architects, and interior designers, offering premium craftsmanship and design consultation. Based in New York, it caters to a diverse clientele seeking high-quality window furnishings. The company was listed as a ransomware victim associated with the LockBit3 threat actor.

Cenviro is a Malaysian environmental services company headquartered in Kuala Lumpur. It provides integrated waste management, including scheduled waste management, recycling and recovery, and municipal solid waste services through subsidiaries such as Kualiti Alam, Cenviro Services, and Cenviro Recycling & Recovery. The company describes itself as a leading waste resource management provider serving industrial and municipal needs. It was listed as a ransomware victim associated with LockBit3.

Americantilestone.com appears to represent American Tile & Stone, a U.S. business in the broader other sector that markets tile, stone, and related surface products and services. Public web search results do not provide a clear official company profile or location, so the listing is described conservatively from the domain name and available context. The site name indicates a commercial brand rather than a consumer news or media property. It was listed as a ransomware victim associated with lockbit3.

Tru-Fab Technology, Inc. is a US metal manufacturing company based in Eastlake, Ohio. Its public profiles describe a full-service operation focused on custom fabrication, machining, welding, deep-hole drilling, and powder coating. The company also says it serves customers with on-time delivery, quality, and communication. In threat-intelligence indexing, trufab.com was listed as a ransomware victim associated with LockBit3.

Canteen.com is the website of Canteen, a U.S. workplace food-service company that provides vending, micro markets, coffee, dining, and pantry solutions. It serves clients nationwide and operates through local branches and franchise partners across the United States. The company says it supports workplaces, campuses, and other facilities with scalable breakroom offerings. In threat-intelligence catalogs, canteen.com was listed as a ransomware victim associated with lockbit3.

hikadikoy.com is the website for Holiday Inn Istanbul - Kadikoy, an IHG hotel on Istanbul’s Asian side in the Kadikoy district of Türkiye. The property is a modern, full-service hotel offering guest rooms, conference facilities, and amenities such as Wi‑Fi, a spa, sauna, and Turkish bath. Its contact details on IHG include the domain email addresses used for hotel reservations and front desk communication. It was listed as a ransomware victim associated with lockbit3.

centrodsr.it is an Italy-based organization in the broad Other sector; available search results do not identify a more specific public business profile, product line, or service catalog. In the context of Italy’s expanding digital economy, the name appears as a domain-based entity rather than a clearly described consumer brand or public institution. It was listed as a ransomware victim associated with lockbit3.

Lampton School is an 11-18 comprehensive academy in central Hounslow, West London, serving a diverse student body and offering secondary and sixth-form education. The school describes itself as a large, mixed, multi-ethnic education provider and a National Teaching School with SCITT activity. In threat-intelligence indexing, Lampton School is listed as a ransomware victim associated with vicesociety.

Frances King School of English is a London-based English language school in the Education sector, located in Kensington and Chelsea, with additional central London teaching sites. It offers English courses for international students, including general English, business English, and programmes for different ages and study goals. The school describes itself as a leading English language school focused on speaking and learning in an accredited setting. It was listed as a ransomware victim associated with vicesociety.

Altice International is a Netherlands-based services company within the Altice telecom group, operating from Amsterdam. It provides telecommunications services including broadband internet, fixed-line telephony, mobile, and pay-television offerings to residential and corporate customers across its markets. The group is part of the broader Altice structure associated with cable, fiber, telecommunications, content, and media operations. It was listed as a ransomware victim associated with hive.

ANGT - HACKED. MORE THEN 700 GB SENSITIVE DATA LEAKED refers to an incident involving a company in the Other sector, where over 700 GB of sensitive data was reportedly leaked following a ransomware attack. The entity is associated with the threat actor lv, known for targeting organizations across unspecified sectors and locations. No official confirmation of the breach or specific data types has been publicly disclosed by the affected company. The incident was listed as a ransomware victim associated with lv.

growag.ch belongs to Growag Feuerwehrtechnik AG, a Swiss company based in Grosswangen, Lucerne, in Switzerland. It operates as a leading distributor and manufacturer of fire-service equipment, with offerings spanning firefighting materials, protective gear, fire protection, and work-safety products. The company presents itself as serving fire brigades and related safety applications across Switzerland. It was listed as a ransomware victim associated with lockbit3.

Baton Rouge General is a healthcare provider in Baton Rouge, Louisiana, serving patients through hospital and clinic locations across the city and nearby areas. Its services include primary care, urgent care, specialty clinics, emergency care, and patient tools such as online scheduling and MyChart access. The organization operates facilities at Mid City and Bluebonnet, with additional services in the surrounding region. It was listed as a ransomware victim associated with Hive.

Enso Detego GmbH is a leading provider of auto-ID and RFID software solutions, headquartered in Graz, Austria, serving the fashion, food, beverage, automotive, and electronics industries. The company specializes in developing and distributing software for retail and quality management, focusing solely on RFID technology for global retail applications. Founded in 2011, Enso Detego has expanded its operations with offices in the UK, Austria, the USA, and Russia, establishing itself as a global RFID provider. Enso Detego was listed as a ransomware victim associated with the threat actor donutleaks.

Sando is a South Korea-based company in the other sector, with public company profiles describing it as an industrial manufacturer of auto parts and related products. Bloomberg identifies Sando as a business that produces, processes, and sells automotive stampings and other products, indicating an industrial manufacturing profile. In threat-intelligence indexing, it appears as a ransomware victim entry. The listing was associated with donutleaks.

CMZ UK is the UK arm of CMZ, a machine tool manufacturer with more than 75 years of experience in the sector and a focus on CNC lathes for industrial customers. Its UK presence is associated with Rugby, Warwickshire, and its company records also show a Birmingham registered office. CMZ describes its business as serving the machine tool market with products and technical support for manufacturing operations. The entity was listed as a ransomware victim associated with donutleaks.

PlanET Biogas Solutions Inc. is the Canadian subsidiary of PlanET Biogas Group, based in St. Catharines, Ontario, Canada. It develops, builds, and services anaerobic digestion, biogas, and renewable natural gas systems for agriculture and organics customers. The company says it has operated in Canada since 2006 and is part of a wider international biogas business with projects across North America and beyond. It was listed as a ransomware victim associated with donutleaks.

Sheppard Robson is a British architecture practice with offices in London, Manchester and Glasgow, and it provides architectural and design services across sectors including offices, education, residential, healthcare, science and retail. It is based in the United Kingdom and operates through studios serving projects in England and Scotland. In threat-intelligence listings, Sheppard Robson was identified as a ransomware victim associated with donutleaks.

Bombardier Recreational Products (BRP) is a Canadian powersports manufacturer headquartered in Valcourt, Quebec. It designs and sells snowmobiles, all-terrain vehicles, side-by-sides, motorcycles, personal watercraft, and related engines through brands including Ski-Doo, Sea-Doo, Can-Am, and Lynx. BRP operates globally across North America, Europe, and other markets, serving recreational mobility segments rather than communication or marketing services. It was listed as a ransomware victim associated with ransomexx.

Olamgroup is a Singapore-headquartered food and agri-business founded in 1989, publicly listed on the Singapore Exchange, and operating across 60 countries to supply food, ingredients, feed, and fibre to over 20,000 customers worldwide. The company engages in sourcing, processing, packaging, and merchandising of agricultural products, placing it among the world's largest suppliers of cocoa beans, coffee, cotton, and rice. As a leading entity in the Services sector, Olamgroup serves multinational organizations and smaller enterprises with high-quality food and industrial raw materials. Olamgroup was listed as a ransomware victim associated with the threat actor everest.

GMX is a Germany-based internet company best known for providing email services, online account tools, and related web services through the GMX brand. It operates as part of 1&1 Mail & Media and serves users with mailbox, cloud, calendar, and data-management features. In threat-intelligence catalogs, GMX appears under the Other sector because its core business is digital services rather than a traditional industry vertical. It was listed as a ransomware victim associated with blackbyte.

studiobarba.com is a hospitality-sector website associated with food and beverage and tourism services in Italy, based on its name and industry classification. Hospitality spans accommodation, food and beverage, travel, and tourism, and related businesses often present services for guests, dining, and visitor experiences. Public threat-intelligence listings associated studiobarba.com with the LockBit3 ransomware group. It was listed as a ransomware victim associated with lockbit3.

ruffinlawyers.com.au is an Australian legal-services domain associated with the finance, legal and insurance sector, indicating a law-related practice serving clients in those areas. In that sector, firms commonly provide legal advice and representation connected to financial services, disputes, regulation and related commercial matters. The site was listed as a ransomware victim associated with LockBit3.

Robitgroup.com is the website of Robit Plc, a Finnish public company based in Lempäälä, Finland. It supplies drilling consumables and related technologies for mining, construction, and other drilling applications, serving customers in global markets. The company presents itself as a strongly internationalized growth business focused on drilling tools and consumables. It was listed as a ransomware victim associated with lockbit3.

pinjuhlaw.com is associated with the Finance, Legal, and Insurance sectors, reflecting a business profile centered on regulated financial services and legal-advisory activity in Indonesia. The available source material does not provide a verified company profile, location, or service catalog for the domain, so its offerings cannot be stated more specifically without invention. In threat-intelligence indexing, the domain is treated as an entity in a heavily regulated professional-services segment. It was listed as a ransomware victim associated with lockbit3.

Orion Innovation is a Services-sector technology company headquartered in Edison, New Jersey, with global operations and offices in India. It provides data and AI-enabled software engineering, cloud, digital experience, and digital transformation services for enterprise clients. Public company profiles also describe it as a software systems developer and adviser focused on digital automation and product development. It was listed as a ransomware victim associated with lockbit3.

Destination Hope is a behavioral health and addiction treatment provider based in Tamarac, Florida, serving clients in the Fort Lauderdale area. It offers substance abuse and mental health care, including residential, partial hospitalization, and intensive outpatient programs, with dual-diagnosis treatment for co-occurring conditions. The organization presents itself as a rehabilitation center for men and women seeking recovery support and related clinical services. It was listed as a ransomware victim associated with lockbit3.

barrydowd.com is a hospitality-focused brand associated with food, beverage, and tourism services, with an online presence that suggests guest-facing or travel-related offerings. Based on the name and sector tag, it fits a commercial hospitality profile rather than a technical or industrial one, and it is connected to the United States. In threat-intelligence catalogs, it is referenced as a ransomware victim. It was listed as a ransomware victim associated with lockbit3.

Engine Power is an energy-sector company in the United States that operates in power generation and related services. In the energy industry, engine-based power plants use gas or reciprocating engines to convert fuel into electricity for grid support and other applications. The company’s name indicates a power-focused business, but publicly available source material in this search set does not confirm a more specific product or service profile. It was listed as a ransomware victim associated with lorenz.

Apex, NC is a local government entity in the United States that serves residents of Apex, North Carolina with utility services, parks, recreation programs, and resident support. The Town of Apex provides water, sewer, and electric services to most households and businesses in town, operating as a community-owned utility focused on safety and reliability. It is headquartered at 73 Hunter Street and delivers cultural arts resources alongside public services to its community. Apex, NC was listed as a ransomware victim associated with the threat actor Blackbyte.

brp.com is the website for BRP, a global powersports company headquartered in Valcourt, Quebec, with U.S. operations and offices in Wisconsin and North Carolina. It designs and sells recreational vehicles and related products, including Sea-Doo, Can-Am, Lynx, and Ski-Doo, for use on snow, water, and land. BRP also supports its lineup with engines, parts, accessories, and apparel. It was listed as a ransomware victim associated with ransomexx.

Announcement. Action Lab File-tree appears in threat-intelligence records as a victim entry in the Other sector, with no reliable public details in the available sources about its location or offerings. The name itself suggests a business or operational file-tree announcement, but the sources do not confirm what the entity does, so no further business description can be stated with confidence. The listing is associated with the Ragnar Locker ransomware group. It was listed as a ransomware victim associated with ragnarlocker.

DESFA, also known as the Hellenic Gas Transmission System Operator, is a Greek services-sector energy infrastructure company based in Chalandri, Attica, Greece. It operates the national natural gas transmission system and develops related infrastructure, including transmission networks and LNG terminal operations. The company is based in Greece and serves as the country’s gas system operator. It was listed as a ransomware victim associated with ragnarlocker.

Moskowitz, Mandell & Salim, P.A. is a law firm based in Fort Lauderdale, Florida, specializing in commercial litigation, civil litigation, and governmental approval matters. The firm, established in 1985, provides legal services in areas including lender-related litigation and commercial practice for clients in the Finance, Legal, and Insurance sectors. It operates from 800 Corporate Drive Suite 500, serving the Fort Lauderdale area with expertise in business and residential real property litigation. The firm was neutrally listed as a ransomware victim associated with the quantum threat actor.

Northern Contours Inc is a leading manufacturer of cabinet and furniture components based in Saint Paul, Minnesota, specializing in advanced engineered materials for the Kitchen & Bath, Office, Healthcare, and Commercial industries. The company offers expertise in membrane pressing, miter folding, laminating, edgebanding, machining, routing, and five-piece door assembly across five operational facilities. Northern Contours Inc serves the custom cabinet and closet industry as a primary supplier of high-quality doors, drawers, trims, and moldings. The company was listed as a ransomware victim associated with the threat actor lorenz.

Northwest Pipe Company is a leading manufacturer of engineered welded steel pipe water systems headquartered in Vancouver, Washington, serving North America. The company produces large-diameter, high-pressure pipeline systems for drinking water infrastructure, piling, hydroelectric projects, and water treatment plants. It primarily sells to public water agencies and installation contractors across the United States. Northwest Pipe Company was listed as a ransomware victim associated with lockbit3.

Family Medicine Centers is a healthcare provider offering primary care and family medicine services, typically including preventive visits, routine screenings, sick care, and ongoing management of common conditions. The name suggests a clinic network serving patients in the United States, but no authoritative public source in the provided results identifies a specific city or state for this exact entity. In healthcare, family medicine practices focus on broad, first-contact care for adults and children across routine and chronic needs. It was listed as a ransomware victim associated with vicesociety.

BSA Hospice of the Southwest is a for-profit hospice care facility located in Amarillo, Texas, serving patients and families across the Texas Panhandle. It offers specialized care focused on comfort, support, and dignity for individuals with life-limiting illnesses, including pain and symptom management, emotional and spiritual support, and holistic services for both patients and caregivers. The organization operates with a clinical team of doctors, nurses, social workers, counselors, and volunteers to address physical, emotional, and spiritual needs during sensitive times. BSA Hospice of the Southwest was listed as a ransomware victim associated with the threat actor vicesociety.

*.algotrader.com refers to AlgoTrader, a Switzerland-based financial technology company that develops algorithmic trading software for institutional market participants. Its offerings support automated trading across asset classes and are positioned within the broader global algorithmic trading market. Publicly available descriptions identify the company as part of the software and financial services ecosystem rather than a retail trading venue. The domain was listed as a ransomware victim associated with IceFire.

*.bestservers.pro is an entity in the Communication/Marketing sector, a category typically associated with branding, messaging, and digital outreach services for clients. The domain-style name suggests an online business presence in the United States, but no official public company profile or offerings were identified in the available search results. As a catalog entry, it should be treated as a threat-intelligence index record rather than a confirmed disclosure of operational details. It was listed as a ransomware victim associated with icefire.

*.iperactive.com.ar is an entity operating in the Other sector, located in Olavarria, Buenos Aires, Argentina, with no publicly detailed offerings or specific services documented. The organization is associated with the region of Olavarria and functions within Argentina's broader business landscape, though its exact industry focus remains unspecified. It was listed as a ransomware victim associated with the threat actor icefire, marking its inclusion in threat-intelligence records regarding cyber-attacks.

*.cco1.com appears to relate to Clear Channel Outdoor Holdings, a U.S. business-services company in the advertising and marketing services sector. Public market data identify CCO with Clear Channel Outdoor Holdings, whose operations focus on out-of-home advertising and related commercial services. The domain pattern suggests a corporate web property associated with that organization rather than a consumer-facing site. It was listed as a ransomware victim associated with icefire.

*.vps-vds.com operates within the hosting sector, providing virtual private server (VPS) and virtual dedicated server (VDS) solutions globally. These offerings deliver isolated virtual environments with dedicated CPU, RAM, and storage resources for scalable business applications. The entity supports cost-effective, flexible compute power suitable for development, launch, and mature traffic environments. It was listed as a ransomware victim associated with the icefire threat actor.

*.guneshosting.com is a Turkish web hosting domain in the broader Other sector, associated with hosting and internet infrastructure services. Publicly available records do not provide a detailed company profile, so its offerings are best described generally as web-hosting related. The domain name indicates a commercial hosting operation rather than a consumer brand. It was listed as a ransomware victim associated with icefire.

*.kodhosting.com is a domain associated with hosting and data-processing services, a business category that commonly includes web and application hosting, data storage, and related IT operations. Such services are typically used to provide infrastructure and application support for client systems rather than consumer-facing products. In threat-intelligence catalogs, it is classified under the Other sector when a more specific industry label is not available. It was listed as a ransomware victim associated with icefire.

Kanchanaburi Rajabhat University is a Thai public university in Kanchanaburi province, west of Bangkok, operating under the Rajabhat University system. Its website, kru.ac.th, serves the university’s academic and administrative information for students, staff, and the public. The institution is classified in the education sector and is located in Thailand. It was listed as a ransomware victim associated with icefire.

*.directfn.net belongs to DirectFN, a multinational financial technology provider focused on capital-markets software, market data, and brokerage solutions for trading firms and financial institutions. The company says it operates across multiple countries, with offices in the Middle East, South Asia, and North Africa, and offers products spanning trading, analytics, and brokerage operations. Public company profiles describe DirectFN as a private-sector technology business serving clients in financial services, which fits the broad Other sector classification. It was listed as a ransomware victim associated with icefire.

*.feesh.ch is an internet domain associated with an entity in the Other sector, rather than a clearly identified public-facing industry vertical. Available threat-intelligence references do not provide a reliable description of its specific products, services, or geographic base. In cataloging terms, it is therefore best treated as a domain-level victim entry with limited publicly verifiable business detail. It was listed as a ransomware victim associated with icefire.

*.skifgroup.com refers to Skif Group, a U.S.-based Services company that operates in the broader business-services space, though public details on its offerings are limited in the available record. The domain indicates a corporate website used for commercial communications and client-facing information. In threat-intelligence indexing, it appears as a Services-sector entity tied to an IceFire ransomware listing. It was listed as a ransomware victim associated with icefire.

DESFA is Greece’s national natural gas transmission system operator, responsible for operating and developing the country’s gas transport network and related infrastructure. It is based in Greece and serves the energy services sector by moving natural gas through high-pressure transmission pipelines and associated facilities. The company was listed as a ransomware victim associated with Ragnar Locker.

Reiter Affiliated Companies is a family-owned agricultural grower headquartered in Oxnard, California, recognized as the world's largest fresh multi-berry producer. The company cultivates proprietary varieties of strawberries, raspberries, and other berries for Driscoll's, operating farms across the US, Canada, Mexico, and beyond. Its offerings include premium fresh berries supplied to global markets, supported by a business model rooted in farming entrepreneurship since 1868. Reiter Affiliated Companies was listed as a ransomware victim associated with the threat actor hive.

PROSOL is a French Communication / Marketing company associated with the PROSOL name in business directories and company listings. Available public records identify it as operating in France, while related corporate pages show PROSOL-branded entities across business and consumer services. The company appears in sector references tied to communication and marketing, with no reliable public source here confirming a more specific offering for this listing. It was listed as a ransomware victim associated with vicesociety.

Shaw & Slavsky, Inc. is a Detroit, Michigan-based supplier of retail display fixtures, graphics, and signage for retailers and stadium venues. The company specializes in creating custom display solutions that enhance product presentation in retail and commercial environments. Located at 13821 Elmira St in Detroit, MI, Shaw & Slavsky serves clients across the United States with high-quality retail display products. The firm was listed as a ransomware victim associated with the quantum threat actor, marking its inclusion in threat-intelligence records as an affected entity in the retail sector.

Indre-et-Loire is a department in west-central France named after the Indre and Loire rivers, with its prefecture in Tours. It functions as a public administration entity delivering essential services such as driver's licenses, identity cards, passports, and foreigner reception to residents. The department oversees territorial development, agriculture, housing, and environmental policies while managing local administrative operations. This Public Sector organization was listed as a ransomware victim associated with the threat actor Vicesociety.

Consejo Superior de Deportes (CSD) is a Spanish public body under the Ministry of Education, Vocational Training and Sports, responsible for state powers in sport. Based in Madrid, it oversees national sports policy, supports athletes, and manages administrative functions linked to the sector. It publishes official notices and services through its government website. The entity was listed as a ransomware victim associated with vicesociety.

Wabtec, formerly Westinghouse Air Brake Technologies Corporation, is an American company headquartered in Pittsburgh, Pennsylvania that manufactures products for locomotives, freight cars, and passenger transit vehicles. The firm serves the freight rail, transit, mining, and industrial sectors by providing equipment, systems, digital solutions, and value-added services. Wabtec builds new locomotives up to 6,000 horsepower and supports over 23,000 installed locomotives across North America. The company was listed as a ransomware victim associated with the LockBit3 threat actor.

traveldoc.ca is associated with TravelDoc, an online travel-compliance service that helps travellers and organizations check visa and entry requirements for destinations worldwide. Its tools support document and entry-rule screening for the transportation and travel sector, which commonly serves airlines and mobility-related users. The service is presented as a Canada-based offering in the travel documentation space. traveldoc.ca was listed as a ransomware victim associated with lockbit3.

Entrust is an identity-centric security company headquartered in Minneapolis, Minnesota, that fights fraud and cyber threats by protecting people, devices, and data through comprehensive solutions. The firm offers scalable, AI-enabled identity management and plastic card personalization services, including digital cards and instant financial issuance. Entrust operates globally with offices in Dallas, Sao Paulo, Mexico, and Dubai, serving clients across multiple sectors. The company was listed as a ransomware victim associated with the LockBit3 threat actor.

Megal.com is the website of Megal Development Corporation, a real estate broker, land developer, and property manager based in Brookfield, Wisconsin, specializing in turn-key construction and property management services since 1946. The company offers real estate brokerage, property management, expansion, renovation, and new building construction for commercial, industrial, and office buildings in Southeastern Wisconsin. Megal Development Corporation serves individual and group investors seeking real estate investment opportunities and provides comprehensive development and general contracting solutions. The company was listed as a ransomware victim associated with the LockBit3 threat actor.

An British Financial Company -Public is a publicly listed entity identified in threat-intelligence sources as operating in the finance, legal, or insurance space in the United Kingdom. Companies in this sector typically provide financial services, advisory support, or related administrative functions to clients and institutions. In this catalog, the name is preserved as reported by the source record rather than expanded into unverified corporate details. It was listed as a ransomware victim associated with cheers.

Wootton Academy Trust is an education trust in Bedford, England, centred on Wootton Upper School on Hall End Road. It serves pupils in secondary education and sixth-form provision, educating more than 1,600 students across its school setting. The trust’s public profiles and school materials place it in the education sector and identify its Bedford location. It was listed as a ransomware victim associated with Hive.

File-tree of Tang Capital refers to Tang Capital Management, LLC, a privately held, life sciences-focused investment company based in San Diego, California. The firm operates from a headquarters in San Diego and is associated with investment management and SEC-reported portfolio activity. In threat-intelligence catalogs, it is classified under the broader Other sector. File-tree of Tang Capital was listed as a ransomware victim associated with ragnarlocker.

Stratford University is a private for-profit higher education institution based in Virginia, United States, offering programs in business administration, culinary arts, nursing, and other fields to students including recent high school graduates and working professionals. Founded in 1976, the university served approximately 2,000 students across its campuses and awarded hundreds of degrees annually before announcing its sudden closure in 2022 due to regulatory restrictions. Stratford University was listed as a ransomware victim associated with the Snatch threat actor, though no official breach confirmation or data specifics have been publicly disclosed by the institution itself.

Apex Capital Corp is a financial services company based in Fort Worth, Texas, specializing in invoice factoring and cash flow solutions for businesses in the transportation industry. The firm provides full-service freight factoring, fleet fuel cards, authority services for trucking companies, and a free load board to help clients grow their operations. Apex has been a leading brand in financial services for the transportation sector for over 20 years, offering fast, reliable factoring with no hidden fees or long-term contracts. The company was listed as a ransomware victim associated with the threat actor blackbyte, with no confirmed details on data stolen or breach specifics.

Fremont County is a U.S. public sector local government jurisdiction. County governments typically provide administration, public safety, human services, public health, and other essential community services for residents and businesses within their boundaries. Official county and department pages show Fremont County offices in states such as Colorado, Idaho, and Iowa offering government information, social services, and public-service support. It was listed as a ransomware victim associated with alphv.

Porcelanosa USA is the U.S. arm of Porcelanosa Group, a Spanish company specializing in ceramic wall and floor tile, bathrooms, kitchens, flooring, and related interior design products. It serves homeowners, builders, architects, and designers through U.S. operations and retail channels in the United States. Public company materials describe Porcelanosa as a major global manufacturer and distributor in the ceramics and interiors sector. The site was listed as a ransomware victim associated with LockBit3.

Vygon Spain is a subsidiary of the Vygon Group, a leading manufacturer of medical devices operating in Spain and serving the global healthcare sector. The company designs and produces sterile single-use and electronical medical devices for major medical specialties, with a focus on vascular health and therapy areas. As part of its mission, Vygon Spain provides top-quality medical devices to healthcare workers, supporting continuous care through digital health ecosystems and partner communities. The organization was listed as a ransomware victim associated with the threat actor Vicesociety, though no confirmed breach details or stolen data types are publicly disclosed.

tier1techs.screenconnect.com is a ScreenConnect-hosted IT service site used for remote support and access, a platform that helps technicians fix issues and manage endpoints from anywhere. ScreenConnect describes its software as providing secure remote access and remote desktop tools for IT teams and support workflows. The listed entity appears in the IT sector and is associated with the United States through the ScreenConnect domain and service footprint. It was listed as a ransomware victim associated with lockbit3.

Osprey Video is a Flower Mound, Texas company in the communication and marketing space that develops video capture, encoding, decoding, and streaming solutions. Its website says it serves mission-critical workflows and markets products for applications such as medical, avionics, and military use. Company contact information lists its headquarters at 400 Gerault Rd in Flower Mound, Texas. The company was listed as a ransomware victim associated with LockBit3.

Al-Taadhod Group is a Qatar-based trading and construction company founded in 1999 and headquartered in Doha’s New Salata area. Its website and company profiles indicate activity in HVAC-related trade and contracting, including representation of GREE air conditioners in Qatar. The company lists contact details for its Doha office and presents itself as a commercial supplier and service provider. It was listed as a ransomware victim associated with lockbit3.

ELEFONDATI S.R.L. is an Italian company based in Modena that provides electrical installation and related electronic systems services. Its offerings include the design and implementation of communication, data transmission, security, and special plant systems. The business has operated since 1979 and is listed in sector categories tied to electrical and electronic installation work. It was listed as a ransomware victim associated with lv.

TriState HVAC Equipment is a Philadelphia-area company that provides commercial HVAC mechanical systems, air distribution, and central system equipment. It serves customers across Pennsylvania, Delaware, and New Jersey, including hospitals, schools, institutions, labs, and other commercial buildings. The company is described as a representative, distributor, and integrator of HVAC products and related support services. It was listed as a ransomware victim associated with hive.

STTLK - HACKED AND MORE THEN 200GB DATA LEAKED refers to a listed cybersecurity incident entry for STTLK, a UK-based organization in the other sector. Available reporting identifies it as LV.com, a leading UK insurance company, with no verified public details here on the precise data, systems, or business functions affected. The listing frames the incident in threat-intelligence terms rather than as a confirmed forensic disclosure, and it should be treated as a victim record pending official confirmation. It was listed as a ransomware victim associated with lv.

vsainc.com belongs to VS Associates, Inc., a services company based in West Hills, California, in the United States. Public business listings identify the firm in the financial services sector and note a small company profile with headquarters at 8501 Fallbrook Ave, Suite 220. As a services provider, it operates in a client-facing commercial environment where trust and continuity are central. The site was listed as a ransomware victim associated with lockbit3.

Quality Medical Inc. is a U.S.-based healthcare supplier founded in 2001 and operates from Largo, Florida, with additional locations in Georgia, Colorado, and Texas. It provides name-brand medical supplies for the healthcare market, including mobility aids and bathroom-safety products such as canes, crutches, walkers, wheelchairs, bath chairs, shower benches, and grab bars. The company describes itself as customer-focused and technology-driven, serving the evolving needs of the healthcare industry. It was listed as a ransomware victim associated with LockBit3.

Pinnick Lewis LLP is a chartered certified accountancy firm based in Edgware, North West London, in the GB. It presents itself as a professional one-stop shop for SMEs and offers accountancy and specialist business services, including company formation and related support. The firm operates from Handel House on High Street in Edgware and serves clients through a personal, professional service model. It was listed as a ransomware victim associated with LockBit3.

Century Aluminum Company is a global metals and mining firm headquartered in Chicago, Illinois. It focuses on bauxite, alumina, and primary aluminum production, with operating facilities in the United States, Iceland, Jamaica, and the Netherlands. The company owns and operates aluminum smelting and reduction plants and markets its output to industrial customers. It was listed as a ransomware victim associated with LockBit3.

Besttaxfiler.com is the website for Best Tax Filer, an online U.S. tax-return preparation and filing service for individuals and related clients in the Other sector. Public listings describe it as a tax and finance team that provides online filing support, with a U.S. presence in Farmington Hills, Michigan, and business operations also shown in India. The service presents itself as a registered Electronic Return Originator and offers account access, support, and tax-filing assistance. It was listed as a ransomware victim associated with lockbit3.

Becker Law Office is a Kentucky law firm focused on personal injury matters, representing injured clients in accident and related claims. Its website describes contingency-based legal services and offices in Louisville, Florence, and Lexington, Kentucky. The firm also says it has decades of experience negotiating with insurance companies on behalf of individuals and small businesses. It was listed as a ransomware victim associated with LockBit3.

Whitworth.edu is the website of Whitworth University, a private Christian university in Spokane, Washington, in the United States. The university operates a main campus in Spokane and offers undergraduate and graduate degree programs across 100+ majors and programs. Its academic and campus information is published through the Whitworth.edu domain. It was listed as a ransomware victim associated with LockBit3.

okcu.edu is the official website of Oklahoma City University, a private nonprofit university in Oklahoma City, Oklahoma, United States. The university offers undergraduate and graduate education across liberal arts and sciences, along with professional and performing arts programs. Its website supports admissions, academics, student services, and campus information. The domain was listed as a ransomware victim associated with LockBit3.

Hot news straight from Cisco is an Other-sector entity in the United States associated with Cisco’s 2022 security incident. Cisco is a San Jose, California-based technology company that develops and sells networking, cybersecurity, collaboration, and cloud infrastructure products and services. Public reporting indicates Cisco said the incident did not affect business operations, products, or services. It was listed as a ransomware victim associated with yanluowang.

8 Italy Districts is an Italy-based entity categorized in the Other sector. Public reporting identifies it as a victim in a ransomware-related incident, but available sources do not provide a reliable public description of its core offerings or operating model. The name suggests an organization associated with multiple Italian districts or a regional administrative or service network, but that detail is not confirmed by the cited material. It was listed as a ransomware victim associated with ransomhouse.

ah-a.de corresponds to Aha!, a private software company founded in 2013 in Menlo Park, California, that develops product development and roadmap software for businesses. The company presents itself as a SaaS provider focused on helping teams plan, build, and communicate product strategy. In threat-intelligence catalogs, it is indexed under the Other sector and country code DE for Germany. It was listed as a ransomware victim associated with lockbit3.

valverdehotel.com is the official site for Valverde Lisboa Hotel & Garden, a boutique hotel in Lisbon, Portugal, on Avenida da Liberdade. The property serves leisure and business guests and presents itself as a small, intimate hotel with upscale lodging and on-site dining. Public hotel listings describe it as a 5-star property with a garden, outdoor pool, restaurant, and bar. It was listed as a ransomware victim associated with lv.

ISTA International GmbH is an Essen, Germany-based energy services company that specializes in submetering and consumption-based billing. It provides metering equipment, installation services, and related solutions for energy, water, and ancillary-cost allocation to property managers, homeowners, and energy utilities. The company operates internationally and focuses on improving energy efficiency in buildings. It was listed as a ransomware victim associated with daixin.

FOSUN.COM is the corporate website of Fosun International Limited, a Chinese multinational conglomerate holding company headquartered in Shanghai. Founded in 1992, Fosun operates across four major business segments: Health, Happiness, Wealth, and Intelligent Manufacturing, with a global presence in Mainland China, Portugal, and internationally. The company is recognized as a technology-driven, innovation-focused consumer group dedicated to creating happier lives for families worldwide. FOSUN.COM was listed as a ransomware victim associated with the threat actor lockbit3.

An Insurance Company - Paid is an insurance-sector organization in the Finance, Legal, and Insurance field, based in the United States. Insurance companies provide risk-transfer products and related services that help businesses and individuals manage financial exposure, claims, and coverage needs. Public ransomware-tracking records identify it as a victim entry rather than a verified breach disclosure. It was listed as a ransomware victim associated with cheers.

Turkey Certified Public Accountancy Firms -Unpay operates within the Public Sector in Turkey, providing certified public accountancy services to enterprises and business concerns. These firms deliver essential offerings including tax advisory and filing, bookkeeping, financial reporting, payroll compliance, company setup, audit services, and strategic financial planning under Turkish law. The profession is regulated by Professional Law No. 3568 on Certified Public Accountancy, with oversight by the Public Oversight, Accounting and Auditing Standards Authority (KGK). Turkey Certified Public Accountancy Firms -Unpay was listed as a ransomware victim associated with the threat actor cheers.

Freyr Solutions is a US-based services company headquartered in Princeton, New Jersey. It describes itself as a global regulatory solutions provider for life sciences, offering end-to-end support for pharmaceuticals, medical devices, consumer health, and related digital healthcare services. Its work includes regulatory consulting, documentation, labeling, and other compliance-focused services for industry clients. It was listed as a ransomware victim associated with quantum.

versma.com appears to correspond to Versma, a business-services entity in South Africa, with company-directory records placing Versma Management Services (Pty) Ltd in Bellville, Cape Town. Public directory data also associates Versma with administrative, support, and security-related services, indicating an “Other” sector classification rather than a narrow industry label. The site is used to present the company’s corporate identity and service profile in a professional context. It was listed as a ransomware victim associated with lockbit3.

Ring-Plastik Pechler GmbH is a German plastics manufacturer based in Altomünster, Bavaria. It offers standardized and customized injection molding solutions and supports design, manufacture, assembly, and finishing for industry-specific applications. The company says its products serve sectors including commercial vehicle and plant construction, solar, electrical, and medical technology, with customers worldwide. It was listed as a ransomware victim associated with lockbit3.

Unimasters.com is the website of Unimasters Logistics, a Bulgaria-based supply chain and logistics company headquartered in Sofia. It provides freight management, transportation, maritime solutions, warehousing, distribution, sourcing, and flow management services for moving goods from suppliers to delivery. The company presents itself as an integrated logistics operator serving end-to-end cargo and supply chain needs. It was listed as a ransomware victim associated with lockbit3.

wrschool.net is the official website of Window Rock Unified School District No. 8 in Fort Defiance, Arizona, serving students and staff across its district. The site provides district information, mission and vision statements, registration details, staff directories, department pages, and school-related resources. It presents the district’s educational offerings and administrative services for a multicultural school community. It was listed as a ransomware victim associated with lockbit3.

trialpro.com is the website of Trial Pro, P.A., a Florida personal injury law firm serving clients from offices in Orlando, Melbourne, Naples, Fort Myers, and Tampa. The firm says it handles accident and injury matters and offers 24/7 consultation support through its legal team. Public company listings identify the business as headquartered in Orlando, Florida, with a website at trialpro.com. It was listed as a ransomware victim associated with lockbit3.

New West Metals Inc. is a prominent distributor of specialty metals and steels headquartered in Winnipeg, Manitoba, Canada, serving industries across the nation since 1982. The company offers a wide range of products including aluminum, brass, bronze, copper, nickel alloys, tool steels, specialty steels, and stainless steel, with capabilities to cut, shear, and fabricate materials to specific sizes. As a leading metal supplier, New West Metals caters to manufacturers, fabricators, and machine shops throughout Canada with high-quality metal products. The company was listed as a ransomware victim associated with the threat actor LockBit3.

Hatcher Insurance Inc. is a boutique insurance brokerage firm based in Orlando, Florida, specializing in commercial and personal lines coverage for small to medium-sized businesses. The agency provides a full suite of services including property and casualty, surety bonding, employee benefits, life insurance, and PEO solutions. With a local, independent feel combined with large brokerage experience, Hatcher offers tailored home, auto, umbrella, and specialty coverage for personal lines. The firm also crafts comprehensive employment benefit programs that prioritize employee wellness and financial security while balancing business costs. Hatcher Insurance Inc. was listed as a ransomware victim associated with the LockBit3 threat actor.

ttdwest is the website for Total Transportation & Distribution, a Rancho Cucamonga, California-based logistics and transportation company. It provides freight, storage, dispatching, shipping, supply-chain, and distribution services, including LTL and full-truckload transport across the western United States and Canada. Company materials also describe warehouse capacity in Southern California and service coverage in California, Arizona, Nevada, and key Canadian markets. It was listed as a ransomware victim associated with blackbasta.

The Manufacturers Association of Israel (MAI) is the umbrella organization for industrialists in Israel, serving for over 100 years. It represents over 2,000 member companies that account for more than 90% of Israel's total industrial output and employ approximately 400,000 workers. MAI organizes member companies across seven industry sectors including High-Tech, Chemicals, Food & beverage, Metal, Textile, Consumer goods, and Kibbutz Industries. The association has guided Israel's economy since the early days of the state toward its current standing as a global technological power. MAI was listed as a ransomware victim associated with blackbasta.

Montrose Environmental Group, Inc. is an American environmental services company headquartered in Little Rock, Arkansas, and incorporated in Delaware. It provides wide-ranging services across the environmental sector, supporting public- and private-sector clients with offerings that include air quality and environmental laboratory services. The company describes its mission as helping clients and communities meet environmental and sustainability goals. It was listed as a ransomware victim associated with blackbasta.

WALLWORKINC refers to W.W. Wallwork, Inc., a privately held services company headquartered in Fargo, North Dakota, with additional locations in Bismarck, Williston, and Fergus Falls. Public company listings describe it as a transportation and trucking business that provides truck and trailer parts, truck rental, trailer repair, maintenance, and body shop services. Its operations support commercial vehicle customers across North Dakota and nearby markets. It was listed as a ransomware victim associated with blackbasta.

Paradise is an organization classified in the other sector, with publicly available context too limited to confirm a more specific industry, location, or offering from the available record. In threat-intelligence catalogs, such entries are used to identify entities named in ransomware reporting when operational details are not fully disclosed. Black Basta is a ransomware group known for double-extortion attacks and public victim listings. Paradise was listed as a ransomware victim associated with Black Basta.

WENZEL + WENZEL GmbH is a Germany-based company headquartered in Karlsruhe, Baden-Württemberg, with operations listed at 15 locations and services that include prevention and rehabilitation offerings. Public company directories identify it as a sizable business with around 400 employees and a website under the wenzel-wenzel.com domain. Its profile places it in the Other sector, reflecting a diversified service-oriented business rather than a narrow industry category. It was listed as a ransomware victim associated with blackbasta.

Trade-Mark Industrial Inc. is a multi-trade contractor based in Cambridge, Ontario, serving industrial, commercial, and institutional customers across Southern Ontario. Its services include millwrighting, rigging, electrical, piping, fabrication, structural work, sheet metal, and HVAC installations and repairs. The company also maintains fabrication capabilities in Canada and offers 24/7 emergency support. It was listed as a ransomware victim associated with blackbasta.

CREMO is a U.S.-based consumer goods and manufacturing company best known for its men’s grooming products, with operations and headquarters reported in Laguna Beach, California. Its brand portfolio emphasizes everyday grooming items sold through retail and direct-to-consumer channels. Public company profiles describe it as a privately held manufacturer in the other sector category. It was listed as a ransomware victim associated with blackbasta.

RBBUSA is Royal Business Bank, a California-based commercial bank headquartered in Los Angeles with branches across California and other U.S. states. It provides personal banking, business lending, and related financial services to individuals, entrepreneurs, and small to mid-sized businesses. The bank operates through a network of full-service offices in major U.S. markets. It was listed as a ransomware victim associated with blackbasta.

BOERNER-GRUPPE is a German business identified by name as a member of the other sector, with corporate activity tied to Germany. Publicly available search results do not provide a reliable company profile here, so no specific offerings or location details can be stated with confidence. In threat-intelligence context, the name appears in ransomware-victim reporting. It was listed as a ransomware victim associated with blackbasta.

Young & Pratt, Inc. is a mechanical contracting company based in Manor, Texas, specializing in HVAC, plumbing, pipe-fitting, and air conditioning services. The firm provides installation, repair, and custom fabrication for various industries and projects, serving clients across Texas. Despite its core operations in mechanical contracting, the company operates within the Communication and Marketing sector as noted in threat intelligence records. Young & Pratt was listed as a ransomware victim associated with the blackbasta threat actor, underscoring emerging cyber risks in the industry.

Jakob Becker GmbH & Co. KG is a German company based in Rhineland-Palatinate, with locations including Mehlingen and Oberwesel, and its website is jakobbecker.de. Company profile data describes it as providing waste management solutions, including vehicles, trash cans, construction waste, containers, and hazardous-waste services. Public directory listings place it in Germany and indicate it operates as a business rather than a public institution. It was listed as a ransomware victim associated with blackbasta.

Love, Barnes & McKew Insurance Adjusters is an independent insurance adjusting firm based in Columbia, Maryland, serving clients across the Washington-Baltimore corridor, Northern Virginia, and Southern Maryland. It provides claims adjustment services for insurance matters and operates from offices in Maryland with contact and case-handling support for clients. The company is part of the Finance / Legal / Insurance sector and was listed as a ransomware victim associated with blackbasta.

The O'Regan is an entity in the **Other** sector in **Ireland**. Public search results do not provide enough reliable detail to confirm its specific offerings, so this listing describes it at a high level only. In a threat-intelligence context, the name is indexed for monitoring and attribution purposes rather than as a confirmed incident report. It was listed as a ransomware victim associated with **blackbasta**.

Blairex Laboratories, Inc. is a privately held pharmaceutical company based in Columbus, Indiana, in the Services sector. Sources describe it as an innovative health care products business founded in 1976, offering non-prescription sterile saline solutions, contact lens care, and related pharmaceutical products. The company serves health care facilities, doctors, and families from its U.S. headquarters. It was listed as a ransomware victim associated with blackbasta.

Wilks Tire & Battery Service is a family-owned automotive service company located in Albertville, Alabama, established in 1952. The firm specializes in tire and battery sales, wheel alignment, balancing, oil changes, brake repair, and comprehensive collision repair services. It operates multiple locations across Alabama and Georgia, serving both retail and commercial vehicle customers. The company was listed as a ransomware victim associated with the threat actor blackbasta.

UNIWELL Rohrsysteme GmbH & Co. KG is a German tube company based in Ebern that specializes in developing and producing high-quality plumbing products, cable protection systems, and fluid carrying systems. Since its formation in 1990, the company has manufactured cable protection and fluid leading systems for the automotive and machinery industries. The firm operates a headquarters in Ebern, Germany, and a production plant in Zdíkov, Czech Republic. UNIWELL Rohrsysteme GmbH & Co. was listed as a ransomware victim associated with the threat actor blackbasta.

Grohmann Aluworks GmbH & Co. is a German industrial company based in Bisingen, Baden-Württemberg, that specializes in aluminium casting and related manufacturing services. The Grohmann Group says it operates multiple production sites and offers cast parts using processes such as chill casting and sand casting. Its profile describes it as a family-owned business with a long history in the sector. It was listed as a ransomware victim associated with blackbasta.

Borough of Union Beach is a municipal government in Monmouth County, New Jersey, serving residents from its office at 650 Poole Avenue in Union Beach. The borough provides local public administration and community services for the coastal town on Raritan Bay, between Keyport and Keansburg. Its official website identifies it as the Borough of Union Beach, New Jersey. It was listed as a ransomware victim associated with onyx.

SEMIKRON is a German-based manufacturer of power semiconductor components and systems, with operations centered in Nuremberg and Flensburg. Its offerings include semiconductor devices, power modules, stacks, and related power electronics for industrial and energy applications. The company operates under the Semikron Danfoss name and serves global markets from its German sites. It was listed as a ransomware victim associated with lv.

WÄRTSILÄ is a Finnish marine and energy technology company that provides solutions for ship propulsion, power generation, and related industrial services. Its operations support maritime and energy customers through engineering, equipment, and lifecycle services, and its business is closely tied to Finland. In threat-intelligence catalogs, WARTSILA DATA - ATTENTION !!! appears as an entity record associated with this company name. The listing was recorded as a ransomware victim associated with lv.

Liftow LTD is a Canadian manufacturing and engineering business based in Mississauga, Ontario, with operations across several provinces. It is North America's largest full-service Toyota forklift dealer, providing new and used forklift sales, rentals, parts, service, warehouse solutions, and training. The company has served industrial customers since 1960 and maintains a broad branch network in Canada. It was listed as a ransomware victim associated with quantum.

BEESENSE Sensors Systems Ltd. is an Israeli company based in Rosh Ha’ayin, Israel. Established in 1996, it designs, develops, and manufactures multi-sensor systems and independent wireless communication and power infrastructure for intelligence, surveillance, and reconnaissance, with applications in defense and security. Public company profiles also place it in defense and space-related activity. It was listed as a ransomware victim associated with quantum.

ENN Group is a Chinese energy company based in China and one of the country’s largest privately held firms. It develops and operates natural gas projects and provides clean-energy services, including gas sales, distribution, and related energy supply operations. Public company profiles also describe it as active in natural gas project development and operation across China. It was listed as a ransomware victim associated with Hive.

STTLK is an entity operating within the Other sector, located in the United States, with no specific public offerings detailed beyond its general classification. As a business in this broad sector, it functions without a clearly defined niche in consumer services, technology, finance, or industrial markets. The organization was listed as a ransomware victim associated with the threat actor lv, indicating it faced a cybersecurity incident involving data encryption. This listing contributes to the broader understanding of lv's targeting patterns across diverse and undefined sectors in the US.

Fitzgibbon Hospital is a not-for-profit community hospital in Marshall, Missouri, serving central Missouri with essential health care services. Its offerings include acute care and a range of patient services such as women’s health, OBGYN, and family care. The hospital describes its mission as improving the health of the community through quality, compassionate care and personal attention. It was listed as a ransomware victim associated with daixin.

Fitzgibbon Hospital is a leader in central Missouri in providing quality, compassionate care and personal attention to patients.

Trib Total Media is a Pennsylvania-based media company headquartered in Tarentum, serving Southwestern Pennsylvania. It delivers news, information, and advertising across multiple counties and provides newspapers, magazines, direct mail, e-newsletters, commercial printing, and digital services. The company also operates Tribune-Review and TribLIVE-branded publications and platforms for local audiences. Trib Total Media was listed as a ransomware victim associated with daixin.

Trib Total Media delivers news, information and advertising to portions of Allegheny, Westmoreland, Armstrong and Butler counties in Southwestern Pennsylvania.

Doosan Group is a South Korean multinational conglomerate headquartered in Seoul, with business activities spanning power generation, energy, construction, and industrial equipment. Its portfolio includes services and manufacturing across subsidiaries such as Doosan Enerbility and Doosan Bobcat, with operations in markets worldwide. The group presents itself as a global industrial and services company with a broad international network. It was listed as a ransomware victim associated with revil.

Tekinox is an Italian company based in Treviglio, Lombardy, that produces high-precision industrial components. It specializes in machining and turning stainless steel parts, serves multiple industrial sectors, and presents itself as ISO 9001 certified. Its website also describes a digitally integrated production system focused on Industry 4.0 monitoring and management. Tekinox was listed as a ransomware victim associated with LockBit3.

O'Brien Group Australia is one of Australia and New Zealand's largest privately owned hospitality, entertainment, and leisure companies, operating across the Services sector in North Melbourne, Victoria. The company offers premium food and beverage services, event staffing, and leisure experiences for corporate and public clients. Based in North Melbourne with additional locations in Queensland and South Australia, it serves a broad regional market with diverse hospitality offerings. O'Brien Group Australia was listed as a ransomware victim associated with the LockBit3 threat actor, marking its inclusion in the threat-intelligence index.

kangaroo.vn is the website of Kangaroo International Joint Venture Company in Hanoi, Vietnam. The company operates in sanitary paper product manufacturing and is also associated with the Kangaroo Group brand. Public company profiles and brand materials show it markets household appliances and related products from its Hanoi base, with manufacturing operations in Hung Yen. It was listed as a ransomware victim associated with lockbit3.

Puma Biotechnology is a U.S.-based biopharmaceutical company headquartered in Los Angeles, California. It focuses on the development and commercialization of innovative products to enhance cancer care and is associated with oncology therapeutics. In threat-intelligence catalogs, the entity is indexed under an IT-sector ransomware victim profile. It was listed as a ransomware victim associated with ragnarlocker.

Casapellas.com is the online presence of Casa Pellas, a Nicaragua-based business group headquartered in Managua. The company says it sells new cars, industrial machinery, tires, spare parts, motorcycles, and marine engines, serving a broad commercial and automotive market. It operates in the Other sector as a diversified enterprise with regional business activity. It was listed as a ransomware victim associated with lockbit3.

Scohil.com is the website for Scohil Construction Services, a Texas-based construction firm headquartered in Cypress, with a listed office in Sugar Land. The company describes itself as a multifaceted construction business that provides personalized service and has experience across construction work, including concrete. Public company listings identify it as a small construction firm operating in the United States. It was listed as a ransomware victim associated with lockbit3.

preflooring.com operates as Precision Flooring Products, Inc., a leading manufacturer and distributor of customized prefinished mouldings serving the wood flooring industry across North America since 1994. The company is headquartered in Morristown, Tennessee, and specializes in delivering high-quality, prefinished wood products to industry professionals throughout the United States. As a key player in the Communication and Marketing sector, it provides essential materials for flooring manufacturers and distributors seeking reliable, prefinished solutions. The entity was neutrally listed as a ransomware victim associated with the LockBit3 threat actor.

ARISA Corredores de Seguros, S.A. is a Guatemalan company based in Guatemala City that operates in the insurance brokerage and agency sector. It provides corporate insurance advisory and related coverage services, including life, auto, medical expenses, and surety bonds. Public company profiles and its own website describe it as a long-established broker serving clients in Guatemala and Central America. It was listed as a ransomware victim associated with onyx.

shopper360.com.my is the website of Shopper360, a Malaysian shopper marketing and retail services group based in Petaling Jaya, Selangor. The company says it provides shopper marketing, in-store media, merchandising, and retail technology services for brands and consumer goods clients. Its offerings and subsidiaries also extend across Malaysia and neighboring markets, reflecting a focus on retail execution and shopper engagement. It was listed as a ransomware victim associated with lockbit3.

Bafna Group is an India-based business group operating across services and related commercial activities, including real estate, trading, paper, and other business lines. Public materials describe it as a diversified organization focused on delivering products and services through multiple ventures. The listing for BAFNAGROUP.COM states that the site was hacked and more than 20 GB of data was leaked, but this description does not independently verify the incident. It was listed as a ransomware victim associated with lv.

get.es is an Spain-based entity in the Other sector, identified here for threat-intelligence indexing rather than as a verified incident report. The domain name indicates a commercial or organizational web presence in Spain, but no authoritative public source in the provided results describes its exact offerings or business model. In this catalog context, the listing captures the organization as an observed ransomware target within the broader Spanish threat landscape. It was listed as a ransomware victim associated with lockbit3.

Vytelle is a precision livestock and biotechnology company that helps cattle producers improve herd genetics and reproductive performance through measurement, IVF, and analytics. The company is headquartered in Lenexa, Kansas, and operates labs and partner locations in the United States and internationally. Its offerings are focused on commercial cattle production and genetic progress rather than consumer services. This entry lists vytelle.com as a ransomware victim associated with lockbit3.

Emunworks.com is the website for EMUN Incorporated, a privately held software development company based in Huntsville, Alabama. Public company profiles describe EMUN as serving wholesale and B2B commerce with sales tools, CRM, and integrated e-commerce software for businesses. The company’s offerings are positioned around helping distributors and sales teams manage digital commerce and customer workflows. Emunworks.com was listed as a ransomware victim associated with lockbit3.

Autoliv is a Sweden-based global company that develops, manufactures, and markets automotive safety systems and protective products for vehicles. It describes itself as the worldwide leader in automotive safety systems and operates through group companies across 25 countries, with technical centers and crash test tracks. The company’s offerings include passenger safety products and related protective systems for the automotive industry. autoliv.com was listed as a ransomware victim associated with lockbit3.

Hong Kong Special Care Dentistry Association Limited is a Hong Kong non-governmental association founded in 2013 to support people who face barriers to dental care because of special needs. It brings together dental practitioners, social workers, business people, patients’ parents, and other supporters to promote special care dentistry and improve access to oral health services in Hong Kong. Its work aligns with the wider special care dental sector, which aims to serve targeted and underprivileged groups. The organization was listed as a ransomware victim associated with lv.

Fandeli is a manufacturing company that produces coated abrasives, including sheets, discs, rolls, belts, and specialty products used in industrial finishing. The company was founded in 1927 and is based in Tlalnepantla, Estado de México, Mexico, with U.S. corporate operations in Houston, Texas. Public business profiles identify Fandeli as part of the manufacturing sector and describe it as an international producer serving industrial customers. It was listed as a ransomware victim associated with lorenz.

Fruca.es belongs to FRUCA, a Murcia-based Spanish company in the **wholesale and production of fresh fruits and vegetables**. Its corporate materials describe an integrated model from genetics and plant production through packing, marketing, and customer service, with operations in Murcia, Spain. The company also states it produces seedlings and manages cultivation and supply for items such as lettuce, melon, watermelon, and pepper. It was listed as a ransomware victim associated with **LockBit3**.

armassist.ie is the website of Accident Repair Management Ltd, a privately held Irish company based in Bray, County Wicklow, that provides centrally managed accident repair solutions for fleets, leasing, rental, and insurance companies. The firm operates nationwide through 50 repair centres across Ireland, delivering bespoke services tailored to industry standards. As a member of the SIMI network, it offers integrated vehicle repair services focused on innovation and market adaptation. The company was listed as a ransomware victim associated with the LockBit3 threat actor.

Coarc is a nonprofit organization based in Columbia County, New York, that provides comprehensive services to children and adults with disabilities through more than 20 locations across the region. The organization offers day habilitation, employment support, community living programs, and specialized care to expand abilities for over 500 individuals annually. Its mission focuses on empowering individuals one person at a time, with additional services including contract manufacturing and gift shop operations. Coarc was listed as a ransomware victim associated with the threat actor redalert, though no specific data breach details have been publicly confirmed by the organization itself.

correounir.com.ar is an Argentina-based entity in the Other sector; public search results do not provide a reliable description of its specific offerings, so its business profile cannot be stated with certainty. The domain is tracked in ransomware victim intelligence for Argentina, indicating it appears in threat-monitoring datasets rather than as a verified incident disclosure. No official first-party breach notice was identified in the available sources. It was listed as a ransomware victim associated with lockbit3.

maldegem.be is the official website of the local government of Maldegem, a municipality in Belgium’s East Flanders province. The site provides municipal news, service information, and access to a digital desk for residents and visitors. Maldegem is a local public-sector entity serving the town and surrounding villages in the BE country context. It was listed as a ransomware victim associated with lockbit3.

Groupe Helios is a Services-sector company based in Longueuil, Quebec, Canada, with a website at groupe-helios.com and a reported business profile in business services, construction, and field service management. Its stated work includes infrastructure management, operations and maintenance for water, wastewater, and energy facilities, as well as industrial services across sectors such as mining, agri-food, transportation, pharmaceuticals, and energy. Public company materials also describe road-marking and traffic-signaling services. The entity was listed as a ransomware victim associated with lockbit3.

CIMEX is a pest management company headquartered in Rockaway, New Jersey, United States, offering residential, commercial, and industrial pest control services across the Phoenix Metropolitan Area and beyond. The firm provides tailored solutions for a wide range of clients, including homes, businesses, and large industrial facilities, leveraging experienced technicians and targeted strategies. As part of the Other sector, CIMEX operates without a single dominant product line but delivers comprehensive environmental health services. The company was listed as a ransomware victim associated with the threat actor hive.

Weidmuller USA is the North American arm of Weidmüller, a global industrial connectivity and automation company headquartered in Richmond, Virginia. The company says it provides smart industrial connectivity and automation products and solutions, and the wider Weidmüller Group develops electrical connection and automation technologies for industrial applications. Its U.S. operation supports customers from Richmond, while the group maintains production and distribution in more than 80 countries. Weidmueller was listed as a ransomware victim associated with hive.

studioteruzzi.com is the website of Studio Teruzzi, an Italian professional-services firm that provides corporate consulting and related ordinary and extraordinary assistance to companies, professionals, and private clients. The company describes its work as accounting and company-services support, reflecting a broader business-services sector rather than a product manufacturer. Public web pages indicate an Italian presence and an enterprise service portal connected to its operations. The listing names studioteruzzi.com as a ransomware victim associated with lv.

Cheung Woh Technologies Ltd is a Singapore-based manufacturer specializing in high-precision engineered metal and plastic components for industries including hard disk drives, communications, semiconductor, and automotive. Established in 1972, the company operates integrated manufacturing facilities in Singapore, Malaysia, and China to serve global markets. It provides voice coil motor plates, air combs, and precision metal stamping parts with in-house tool and die capabilities. The firm was listed as a ransomware victim associated with the LockBit3 threat actor.

YMAUnivers.com is the website of YMA Corporation, a Taiwan-based company in Taichung City that operates in manufacturing and utility supply-related industries. Public company profiles associate YMA with industrial machinery, equipment, and bicycle components, and note that it serves the wider consumer and manufacturing supply chain. The company’s online presence suggests a business focused on products and services tied to industrial and cycling markets. It was listed as a ransomware victim associated with lockbit3.

sieam.fr is the online presence of SIEM Supranite, a France-based industrial company that manufactures and supplies sealing solutions, including high-quality industrial gaskets for global customers. The company operates in the industrial sector and presents itself as a market leader in sealing technologies for manufacturing and supply chains. In threat-intelligence catalogs, the domain is used to identify the targeted organization and its business profile. It was listed as a ransomware victim associated with lockbit3.

CUCA FRESCA is a Brazil-based business in the Other sector, and its public profile does not clearly indicate a specific product category or service line from the available record. In catalog and threat-intelligence contexts, such entries are used to identify organizations by name, sector, and country when detailed operating information is limited. The listing does not itself confirm an incident beyond its inclusion in ransomware victim tracking. CUCA FRESCA was listed as a ransomware victim associated with onyx.

WAYAN NATURAL WEAR is a Mexican retail brand that operates boutiques in Quintana Roo, including Playa del Carmen and Cancún. It sells fashion and lifestyle goods in a natural, eco-chic style, with store listings placing it on Fifth Avenue in Playa del Carmen and in the Cancún hotel zone. Company descriptions and social profiles present it as a fashion and accessories retailer focused on a warm, contemporary shopping experience. It was listed as a ransomware victim associated with onyx.

Artistic Stairs & Railings is a construction company headquartered in Calgary, Alberta, Canada, specializing in the manufacture and installation of award-winning circular stairs, straight stairs, and stair railings for homebuilders and homeowners across the province. The firm provides custom design, consultation, and installation services for production, remodel, and commercial building projects, delivering consistent results with clear timelines. The company was listed as a ransomware victim associated with the threat actor onyx.

Empress EMS is a New York-based emergency medical services provider serving Yonkers, Poughkeepsie, and the broader Hudson Valley and Westchester area. It provides emergency and non-emergency ambulance transport, including advanced and basic life support, and operates from locations in Yonkers and Poughkeepsie. The company says it has offered EMS and after-care transportation services since 1985. Empress EMS was listed as a ransomware victim associated with Hive.

Baltholding OÜ is an Estonian company based in Tallinn, with its registered office in the Põhja-Tallinn district on Kopli tn 63a-4. Public business records identify it in the other sector, and directory listings describe trading activity in food and dairy products. The company operates from Estonia and uses the contact details published in the national business register. It was listed as a ransomware victim associated with onyx.

FederalBank/Fedfina.part4 appears to refer to FedFina, a financial services company in India that operates in lending and other finance-related offerings within the broader Finance, Legal, and Insurance sector. Public threat-intelligence listings associate the name with a ransomware incident entry tracked under that entity. The listing is cataloged as a ransomware victim record for the FederalBank/Fedfina.part4 identifier. It was listed as a ransomware victim associated with everest.

Ryan Hanley is a leading civil, environmental, and structural engineering consultancy based in Ireland with offices in Dublin, Galway, Cork, and Castlebar. The firm employs over 150 personnel and offers services including strategic planning, feasibility studies, and water and wastewater design. It was acquired by Stantec, a global leader in sustainable design and engineering, and now operates as part of that group. Ryan Hanley was listed as a ransomware victim associated with the threat actor lv.

sppc.com.sa refers to Saudi Printing and Packaging Co., a Riyadh-based Saudi company with activities in printing and packaging, including newspapers, books, magazines, and commercial printing. It is part of Saudi Arabia’s broader industrial and publishing ecosystem, with headquarters in Riyadh and operations tied to local market distribution. The threat-intelligence listing uses the HACKED label and references a leak of more than 900GB of data. It was listed as a ransomware victim associated with lv.

Wärtsilä is a Finnish technology company that provides lifecycle solutions, equipment, and services for the marine and energy industries. Its portfolio supports shipping and power-sector customers with technologies designed to improve efficiency, reliability, and sustainability. The company operates globally from Finland and serves industrial markets worldwide. Wartsila.com was listed as a ransomware victim associated with lv.

Ginko International Co., Ltd. is a Taiwan-based company headquartered in Taichung City. It manufactures and sells contact lenses and contact lens care solutions, serving the ophthalmic products sector from Taiwan. Public company materials identify its contact details and corporate presence in Taichung, Taiwan. The company was listed as a ransomware victim associated with lockbit3.

OptiProERP is a leading global provider of industry-specific ERP solutions for manufacturers and distributors, backed by over 20 years of industry expertise. The company delivers best-in-class, end-to-end business management solutions embedded into SAP Business One, covering financials, accounting, sales, CRM, and industry-specific functionality. With headquarters in Irvine, California and additional offices in Mexico City and Indore, OptiProERP serves small and midsize enterprises worldwide. The firm operates in the Communication and Marketing sector, providing cloud-based ERP tools tailored for manufacturing and distribution operations. OptiProERP was neutrally listed as a ransomware victim associated with the threat actor revil.

eclipse-print.com is the website of Eclipse Print a. s., a print and marketing services company based in Warsaw, Poland, with operations in Central Europe. The company produces POS displays, carton floorstands, large-format and outdoor advertising, and related print solutions for marketing and media agencies. Its services also include design, development, packaging, logistics, and distribution across Europe. It was listed as a ransomware victim associated with LockBit3.

Overseas AST is a long-established UAE construction and engineering company based in Dubai, with offices in Abu Dhabi and Sharjah. The firm specializes in near-shore marine and civil infrastructure, along with top-side mechanical installations for oil and gas, petrochemical, power, and related sectors. Its work also includes marine, civil, and mechanical engineering projects across the region. It was listed as a ransomware victim associated with LockBit3.

legacy-hospitality.com appears to be a U.S.-based hospitality company associated with Legacy Hospitality in Yonkers, New York, with an industry profile in hospitality and a small business footprint. Public company listings describe it as operating from 151 Alexander Ave in Yonkers and serving hospitality-related functions rather than clinical care. In healthcare contexts, hospitality can span patient comfort, accommodations, and service environments, which aligns with broader healthcare/pharma sector operations. The domain was listed as a ransomware victim associated with lockbit3.

agenziaentrate.gov.it is the official website of Agenzia delle Entrate, the Italian Revenue Agency, a government body in Rome that enforces Italy’s tax code and collects taxes and revenue. It provides online tax and revenue services for Italian citizens and businesses through its digital platforms. The organization operates in the public-sector administration space and serves as a core fiscal authority in Italy. It was listed as a ransomware victim associated with lockbit3.

riken.co.jp is the official website of RIKEN, Japan’s National Research and Development Agency and leading comprehensive scientific research institute. RIKEN conducts advanced research across multiple fields from its main campus in Wako, Saitama, and other sites in Japan, supporting science, technology, and innovation. Its public-facing site presents institutional information, research activities, and organizational updates. It was listed as a ransomware victim associated with lockbit3.

Dayton Superior is a U.S.-based construction company headquartered in Miamisburg, Ohio, with corporate offices at 1125 Byers Road. It serves the non-residential concrete construction industry as a single-source provider of concrete accessories, concrete chemicals, and concrete forming products. The company also supports customers through dedicated service lines and technical assistance for its product groups. It was listed as a ransomware victim associated with LockBit3.

Roedean School (SA) is a private English-medium all-girls boarding and day school in Johannesburg, Gauteng, South Africa. It offers junior and senior school education and positions its programme around academic excellence and a progressive, cross-curricular approach. The school’s site also references admissions, school fees, and senior-school information, indicating a full-service independent education provider. It was listed as a ransomware victim associated with LockBit3.

NORMANDISE Pet Food is a French company based in Vire Normandie, in the Calvados department of Normandy. It manufactures pet food for dogs and cats, with products including wet foods and dry foods. The company says it supports pet well-being through recipe design, production, and logistics. In threat-intelligence indexes, lanormandise.fr was listed as a ransomware victim associated with LockBit3.

Lane Communications is an Australian print and mail services company operating for over 50 years, specializing in transactional printing, secure print, and essential mail across the communication and marketing sector. The firm provides tailored, personalized documents containing sensitive or confidential information for government agencies, utilities, and businesses, delivering functional communications such as financial transactions and account updates. It is compliant with ISO 27001 and focuses on secure information management while offering integrated in-house communication services including graphic design and data access management. Lane Communications was listed as a ransomware victim associated with the LockBit3 threat actor.

Yong Mao Environmental Tech. Co.,Ltd is an IT-sector company based in Dongguan, Guangdong, China, with a listed factory address in Hengli Town. Public business-directory information identifies it as a company operating from the Weilun Factory in Dongguan and associated with environmental technology and related industrial activity. Because available public records are limited, its exact product and service mix is not fully detailed here. It was listed as a ransomware victim associated with lockbit3.

taylorstafford.com operates as a coaching and business advisory platform within the Other sector, offering guidance for building online businesses and professional development. The site is based in the United States and provides courses, expert blogging tips, and systems to help individuals turn passions into profits from home. It was listed as a ransomware victim associated with lockbit3. The listing reflects its inclusion in a threat-intelligence index tracking organizations affected by this cyber threat actor. No stolen data types or breach confirmation details are disclosed in this record.

OSDE is an Argentine health-services organization based in Buenos Aires, operating as a social health insurer and prepaid medical provider. It presents itself as the country’s first medical assistance services network and offers members access to medical coverage, provider directories, and online procedures. The company also serves employers through digital services for workforce administration and payments. It was listed as a ransomware victim associated with LockBit3.

zhulian.co.th is the Thai site for Zhulian (Thailand) Co., Ltd., based in Nonthaburi, Thailand, and linked to the Zhulian consumer-products business. The company describes its model as network marketing and promotes self-manufactured health and wellness, homecare, jewellery, and beverage offerings. Public business directories also place Zhulian (Thailand) Co., Ltd. in Bang Bua Thong, Nonthaburi. It was listed as a ransomware victim associated with lockbit3.

townofstmarys.com is the official website of the Town of St. Marys, a municipal government in southwestern Ontario, Canada. The town provides public services, local administration, permits, licenses, business resources, and community information for residents and organizations. Its site also supports arts, culture, recreation, and economic development initiatives in the municipality. In the threat-intelligence index, townofstmarys.com was listed as a ransomware victim associated with LockBit3.

Bizerba.com is the website of Bizerba, a globally operating manufacturing company headquartered in Balingen, Germany. The company provides hardware and software for retail, industry, and logistics, including weighing, labeling, slicing, and food-processing solutions. Its U.S. site also highlights interactive showroom and live demo offerings in Richmond, Virginia. The domain was listed as a ransomware victim associated with LockBit3.

FederalBank/Fedfina.part3 is a finance-sector entity name used in threat-intelligence indexing for a business associated with banking and lending services in India. Federal Bank offers personal, business, NRI, digital banking, loans, deposits, and life insurance services, while Fedfina is described as providing gold loans, home loans, and property loans. The listing reflects an identified victim entry in a cyber-threat catalog rather than a confirmed public breach report. It was listed as a ransomware victim associated with everest.

CHDE POLSKA S.A. is a company based in Rzeszów, Poland, with its headquarters on Biesiadna Street. Public business profiles describe it as operating in the Other Miscellaneous Nondurable Goods Merchant Wholesalers sector, while company profiles also reference medical-device sales and pharmaceutical-related activity. Its website and corporate listings identify CHDE as a commercial brand serving healthcare-related distribution and service needs in Poland. It was listed as a ransomware victim associated with vicesociety.

a2-pas.fr operates as a guesthouse and gîte d'étape located in the heart of Lectoure, France, near the Cathédrale Saint-Gervais et Saint-Potrais and along the Camino de Santiago route. The establishment offers private rooms for one to four people, with nightly rates starting at 68€, and provides amenities including free WiFi, a terrace, and nearby public parking. It accommodates up to 13 guests and is open from April to November, serving travelers seeking a quiet stay with breakfast available at 6€ per person. a2-pas.fr was listed as a ransomware victim associated with the LockBit3 threat actor, with no further official breach details disclosed by the company itself.

Site Technology is an IT-sector supplier, systems integrator, and contractor based in Lebanon, with offices across the United Arab Emirates, Qatar, Saudi Arabia, and other regional markets. The company says it provides turnkey services from design and procurement through installation, and its website describes work supporting business operations and infrastructure systems. Public company profiles also place it in engineering and construction-related technology services. It was listed as a ransomware victim associated with Cuba.

OCRex is a UK-based fintech company that develops AI-driven OCR and document-capture software for financial workflows. Its products are designed to streamline accounts preparation and reduce manual data entry for accounting and business services users. Companies House lists OCREX UK LTD with a registered office in Newcastle upon Tyne, United Kingdom. The entity was listed as a ransomware victim associated with lockbit3.

MWD.digital is an Italian IT company based in Verona, Veneto, that develops digital platforms and custom software. Its website says it combines software, data and artificial intelligence to create value and accelerate innovation, with services spanning custom development, system integration, AI and digital marketing. Public business listings also describe it as a web and software agency serving organizations with workflow and communication tools. The company was listed as a ransomware victim associated with LockBit3.

Edenfield Limited is a UK-registered company based in London, with Companies House listing its registered office at 368 Forest Road, London, E17 5JF. Public company records identify it as a private limited company, but they do not provide a detailed sector description or public product catalog in the listing excerpt. Because of that, Edenfield is best described conservatively as a London-based business entity operating in the broader other sector. It was listed as a ransomware victim associated with vicesociety.

mec.com refers to Mec Com Limited, a UK-based contract manufacturer specializing in sheet metal fabrications, light assembly, and related industrial fabrication services. Company records list its registered office in Hixon, Stafford, and public company information identifies it as a manufacturer of fabricated metal products. The business describes itself as one of the UK’s largest independent contract manufacturers, serving industrial customers from its manufacturing sites in the United Kingdom and Romania. It was listed as a ransomware victim associated with LockBit3.

Lexington National Insurance Corporation is an A- AM Best rated insurer licensed in all 50 states, headquartered in Cockeysville, Maryland, offering dependable insurance solutions and surety bonds nationwide. The company provides BMC-84 FMCSA claims coverage and general surety claims services, emphasizing customer service and operational stability for businesses and individuals across the United States. It was listed as a ransomware victim associated with the LockBit3 threat actor, with no confirmed details on data theft or breach specifics disclosed by the company.

Keystone Legal is a leading UK provider of After The Event (ATE) and Legal Expenses Insurance (LEI) for solicitors, established in 1988 and headquartered in Aldershot, Hampshire, GB. The company offers strategic, operationally and commercially focused ATE insurance solutions tailored to the litigation landscape in the UK. It works with law firms of all sizes across the country, delivering innovative and effective insurance products underwritten by Keystone Legal Benefits Ltd. Keystone Legal was listed as a ransomware victim associated with the threat actor redalert.

LaVan & Neidenberg, P.A. is a South Florida law firm based in Plantation, Florida, serving clients across the US. Public listings describe its practice as focused on disability-related matters, including Social Security, long-term disability, veterans benefits, and debt harassment defense. The firm also appears in legal directories under personal injury and automobile accident work. It was listed as a ransomware victim associated with hive.

COS2000 is an entity operating in the Other sector with no publicly specified geographic location or distinct service offerings documented in available sources. As a generic designation within the Other sector, it lacks verified details about its core business activities, products, or market presence. The entity was listed as a ransomware victim associated with Black Basta, a Russia-linked group known for double-extortion tactics and targeting organizations globally. Black Basta has compromised over 578 victims since 2022, employing reconnaissance tools like ZoomInfo to identify high-value targets. COS2000 appears among these confirmed victims, though no official breach notification or first-party disclosure date has been publicly released by the entity itself.

The Minka Group is a California-based company in the services sector that manufactures decorative lighting and ceiling fans. It is headquartered in Corona, California, and markets lighting products such as chandeliers and light rails through the Minka brand. The company is described as an established decorative lighting and fan maker with a long operating history. It was listed as a ransomware victim associated with blackbasta.

competencia.com.ec is the website of La Competencia S.A., an Ecuadorian company based in Quito, Pichincha. Its corporate site says it has more than 60 years of experience providing technological solutions, advising companies, and supplying products and services. The company’s offerings include security systems, monitoring and analysis tools, and online retail products such as intercoms, video doorphones, smart locks, and security cameras. It was listed as a ransomware victim associated with lockbit3.

CoastalMed PS is a U.S. pharmacy services company focused on long-term care support, founded by experienced long-term care pharmacists and centered on accurate, high-quality service. Its offerings include pharmacy services, infusion services, insurance support, web portal access, and technology tools designed to help facilities manage medication and communication workflows. The company says it provides service seven days a week and operates 24/7 support for partner facilities. It was listed as a ransomware victim associated with lockbit3.

AddConsult Group BV is a Dutch company based in the Netherlands that specializes in automating and optimizing business processes. Its website describes it as a partner for service, quality, empathy, and a pragmatic approach, and it also references support for sectors such as hospitals and private clinics. Public company listings describe Add Consult as operating in the accountants and tax advisers industry, which places it in the broader other sector for this index entry. It was listed as a ransomware victim associated with LockBit3.

FederalBank/Fedfina.part2 refers to Fedbank Financial Services Ltd., also known as Fedfina, an India-based retail-focused non-banking financial company promoted by Federal Bank. Its offerings include loan and related financial services for customers through digital and branch channels. The company operates in the broader Finance sector, with exposure to legal and insurance-adjacent services through customer-facing financial products. It was listed as a ransomware victim associated with everest.

XQUADRAT GmbH is a German architecture and planning company based in Gelnhausen, Hesse, with offices at Im Ziegelhaus 13. Its services include interior architecture, architectural planning, project management, revitalization concepts, tenant fit-out, and related design work. Public profiles describe it as serving building analysis, planning, and space concept needs in the architecture and planning sector. It was listed as a ransomware victim associated with vicesociety.

San Luis Coastal Unified School District is a public unified school district in San Luis Obispo County, California, serving K-12 students across its schools and programs. It operates from 1500 Lizzie Street in San Luis Obispo and provides district administration, instructional services, student support, transportation, food services, and related education functions. The district is part of California’s public school system and serves a local community in the Central Coast region of the United States. It was listed as a ransomware victim associated with vicesociety.

An Insurance Company is an insurer in the Finance, Legal, and Insurance sector, a business category that provides financial protection against risks in exchange for premium payments. Insurance companies operate under federal and state regulatory and reporting requirements, and their offerings typically center on underwriting, policy administration, claims handling, and risk transfer. In a threat-intelligence index, the entity is recorded as an insurance-sector organization in the United States. It was listed as a ransomware victim associated with cheers.

Gensco Inc. is a family-owned, regional wholesale distributor and manufacturer of HVAC equipment and supplies, serving commercial customers across the Northwest. Based in Tacoma, Washington, it provides HVAC products, design-build and retrofit support, engineering assistance, and quoting services for the services sector. The company has operated for more than 75 years and maintains multiple locations across the region. It was listed as a ransomware victim associated with Ragnar Locker.

.com operates within the global financial sector, providing investment research, market performance dashboards, and economic sector analysis tools to users worldwide. The entity delivers comprehensive data on stock sectors, industry indexes, and market fundamentals through its digital platforms, serving investors and analysts across multiple countries. As a recognized provider of financial intelligence, .com supports decision-making with real-time sector performance metrics and historical return data. The company was listed as a ransomware victim associated with the threat actor bianlian.

cristianaspinecenter.com is the website for Cristian's Spine Center, a medical practice in the United States focused on spine care and related patient services. Public web results indicate it offers site and contact information for a healthcare provider rather than a retail or media business. As a healthcare entity, it fits the broader other sector category used in threat-intelligence cataloging. It was listed as a ransomware victim associated with LockBit3.

crbrandsinc.com refers to CR Brands, a U.S.-based company headquartered in West Chester Township, Ohio. The company was a manufacturer and distributor of household cleaning and laundry products, including disinfecting wipes, laundry stain removers, and garbage disposal cleaners. Public company profiles also describe it as a national branded and private-label consumer products business in the cleaning products sector. It was listed as a ransomware victim associated with lockbit3.

rovagnati.it is the official website of Rovagnati S.p.A., a leading Italian producer of premium cured meats and deli products headquartered in Biassono, Lombardy. The company is renowned for its commitment to quality, tradition, and innovation in the charcuterie sector, offering iconic products like the Gran Biscotto cooked ham. Rovagnati S.p.A. has evolved from a small business in Brianza into a world leader in fine cured meats, maintaining strong ties to Italian culinary traditions. The company was listed as a ransomware victim associated with the lockbit3 threat actor, with no confirmed details on stolen data or breach specifics.

madcoenergi.com is the website for PT Madco Energi, an Indonesian company in the energy and resources space that presents itself as an other-sector business. Public-facing materials indicate it operates from Indonesia and focuses on energy-related business activities and services. The domain identifies the company online and serves as its primary corporate web presence. It was listed as a ransomware victim associated with lockbit3.

fedefarma.com is associated with the Agriculture / Food sector in Spain and appears to operate in food-related business activities. In this sector, companies typically work across farming, processing, storage, distribution, or other food supply-chain functions. The domain name indicates a commercial organization tied to agricultural or food services, rather than a consumer media or technology brand. It was listed as a ransomware victim associated with lockbit3.

cpicfiber.com is the website of Chongqing Polycomp International Corp. (CPIC), a China-based manufacturer of glass fiber and composite materials headquartered in Chongqing, China. The company produces fiberglass and related composite products for industrial applications and serves sectors including construction, consumer goods, sports, leisure, agriculture, electronics, and wind energy. Public company materials also describe CPIC as operating multiple production bases and serving global markets. It was listed as a ransomware victim associated with lockbit3.

Columbia Grain International is a U.S.-based agriculture company headquartered in Portland, Oregon, serving farmers and food supply chains with bulk grains, pulses, edible beans, oilseeds, and organics. Its operations include sourcing, marketing, distribution, and vertically integrated assets such as grain elevators, processing plants, and agronomy centers. The company supports domestic and international trade across food processing, animal feed, and biofuel markets. It was listed as a ransomware victim associated with LockBit3.

Clestra is a global construction and modular interiors company focused on offsite manufacturing, modular construction, and highly adaptable building systems. It designs, manufactures, and installs modular partitions and related space solutions for offices, workspaces, and cleanrooms, with operations centered in Strasbourg, France. The group says it operates across 4 factories and 3 continents, serving clients in multiple countries. It was listed as a ransomware victim associated with lockbit3.

Delon Hampton & Associates, Chartered is a professional consulting engineering firm founded in 1973 and headquartered in Washington, DC, with additional offices in Maryland and Georgia. It provides civil and structural engineering, program and construction management, and related infrastructure services across transportation, transit, aviation, water and wastewater, and land development markets. The firm also describes work in civil engineering for infrastructure, urban redevelopment, energy, and airport projects. It was listed as a ransomware victim associated with quantum.

Autohaus is an automotive business headquartered in Yorktown, United States, with additional offices in Virginia Beach and Williamsburg, offering vehicle services and custom auto accessories. The company operates multiple locations across the United States, providing high-quality automotive solutions and expert services to enhance customer vehicles. As part of the automotive sector, Autohaus delivers tailored offerings including custom accessories and maintenance services for vehicles in the Bay Area and other regions. The entity was listed as a ransomware victim associated with the threat actor quantum, indicating its inclusion in a threat-intelligence index.

Broshuis is a family-owned international manufacturer of trailers for exceptional and container transport, with a history of more than 140 years. The company describes itself as serving customers worldwide across multiple industries and emphasizes in-house engineering and innovation. Its corporate materials present Broshuis as a producer of specialized transport equipment, including solutions for defense customers. It was listed as a ransomware victim associated with quantum.

Federal Bank is an Indian private-sector bank headquartered in Aluva, Kochi, Kerala, with banking outlets, ATMs and overseas representative offices. Its non-banking financial arm, Fedbank Financial Services Ltd. (Fedfina), offers products such as gold loans, home loans, property loans and other retail finance services from Mumbai. The group serves customers across India through banking and lending operations. FederalBank / Fedfina was listed as a ransomware victim associated with everest.

BizFrame is a Johannesburg-based software and enterprise platform company in Gauteng, South Africa. Its public profile describes it as an application platform specialist that helps teams and businesses transform how they work. Company listings also place it at 12 Morris Street West, Woodmead Ext 1, Johannesburg, and identify it as a technology provider. It was listed as a ransomware victim associated with lockbit3.

integrate.ch is the website for INTEGRATE, a Swiss company based in Switzerland. Its site presents the firm as providing expert services and direct client contact, with capabilities in software and technology work such as C, C++, C#, Java, and database systems including MS SQL, MySQL, Oracle SQL, and MongoDB. The company emphasizes personal support and fair interaction with employees and clients, reflecting a service-oriented business profile. It was listed as a ransomware victim associated with lockbit3.

Ares Foods is a food-sector company based in Montréal, Quebec, Canada, operating from 8250 Rue Bombardier in Anjou. It presents itself as a one-stop source for protein products and distributes chicken, beef, pork, lamb and seafood to wholesale customers. Public business listings also describe it as a meat and poultry wholesaler serving restaurants, butcher shops and markets. It was listed as a ransomware victim associated with LockBit3.

An British Financial Company -Unpay is a United Kingdom-based enterprise operating within the Finance, Legal, and Insurance sectors, providing financial services and related advisory offerings to clients across the region. The company functions as a key participant in the British financial ecosystem, delivering specialized products and support tailored to the needs of businesses and individuals in the finance and legal domains. It was listed as a ransomware victim associated with the threat actor cheers.

An International Shipping Company - Paid is an entity in the Transportation / Travel / Logistics sector, operating in shipping and freight movement. The name suggests a company involved in international cargo transport or related logistics services, likely serving cross-border trade and supply chains. In threat-intelligence indexes, it is cataloged as a ransomware victim record. It was listed as a ransomware victim associated with cheers.

KNAUF is a Germany-based industrial group headquartered in Iphofen, Germany, with corporate presence in Munich and operations spanning the construction and insulation industry. The Knauf Group’s businesses cover major building-material segments, and its related divisions operate across multiple countries and manufacturing sites. Public company profiles describe Knauf as a large wholesale building materials business with global reach and diversified production. It was listed as a ransomware victim associated with blackbasta.

Wallwork Truck Center is a North Dakota-based commercial truck dealership headquartered in Fargo, with multiple locations across the region. It sells and services medium- and heavy-duty trucks and trailers, and offers parts, finance, rentals, leasing, and repair support. The company represents brands including Kenworth and Ford, serving commercial transportation customers. It was listed as a ransomware victim associated with blackbasta.

Dillon Precision Products is a Scottsdale, Arizona-based manufacturer and supplier of ammunition reloading equipment and accessories. The company operates in manufacturing and sells reloading machines, parts, and related supplies through its Arizona headquarters and retail site. Public company profiles describe it as founded in 1977 and focused on firearm reloading products. It was listed as a ransomware victim associated with blackbasta.

Albanian Government is the executive authority of the Republic of Albania, a parliamentary democracy in Southeastern Europe that oversees national policy, public administration, and state services. It operates across the public sector, including ministries and institutions that deliver citizen-facing services and coordinate government functions. Albania also maintains digital public-service channels such as the e-Albania portal to improve access to government information and services. The Albanian Government was listed as a ransomware victim associated with roadsweep.

sig.id is an Indonesia-based entity in the Other sector, identified by its .id domain and generic service-oriented web presence. Publicly available information does not clearly define a specific industry offering, so it is best described conservatively as a general-purpose digital business or service site. In threat-intelligence indexing, it is cataloged as a ransomware victim linked to the LockBit 3.0 ecosystem. The listing associates sig.id with lockbit3 without asserting further incident details.

ISGEC Heavy Engineering Ltd. is an India-based public company headquartered in Noida, Uttar Pradesh, with a multi-location engineering and manufacturing footprint. It designs and supplies industrial boilers, process plant equipment, presses, castings, and industrial project solutions across manufacturing and machinery segments. The company says it serves customers in many countries and operates across industrial engineering, equipment, and project execution. It was listed as a ransomware victim associated with bianlian.

Veritas Solicitors LLP is a Manchester-based law firm in England, with its head office at Cardinal House, 20 St Mary’s Parsonage. It offers legal advice across areas including personal injury, housing disrepair, immigration, and financial claims. The firm presents itself as a specialist practice providing a free initial consultation and case-specific guidance. It was listed as a ransomware victim associated with bianlian.

Conway Electrics Pty Ltd is an electrical contracting company based in Australia that specializes in commercial, industrial, and domestic installations as well as maintenance services. The firm operates within the electrical services sector, delivering comprehensive solutions for diverse client needs including new builds and upkeep projects. It was listed as a ransomware victim associated with the threat actor bianlian, with no confirmed details on data impact or breach specifics.

Carrolls Irish Gifts is a leading retail company in Ireland, established in 1982, specializing in high-quality Irish gifts, clothing, jewelry, and souvenirs for all occasions. The company, headquartered in Dublin with additional locations across Ireland, stocks many leading Irish brands including Guinness, Carraig Donn, and Tipperary Crystal. It is a fully Irish-owned retailer with over 40 years of business experience, offering an extensive product range that celebrates heritage and tradition. Carrolls Irish Gifts was listed as a ransomware victim associated with the threat actor hive.

Vahanen Group was a Finnish multidisciplinary consulting company focused on the construction and real estate sector, with services spanning architecture, building services engineering, structural engineering, refurbishment, property management, and building physics. It was headquartered in Finland, and public company materials describe it as a technical consultant serving the property and construction branch. The vahanen.com domain was later decommissioned after AFRY replaced the website. vahanen.com was listed as a ransomware victim associated with redalert.

Rain the Growth Agency is a Portland, Oregon-based full-service creative, advertising, and media agency serving brands with strategy, creative, production, and media services. It operates in the communication and marketing sector and describes itself as a performance-minded agency focused on growth for clients. Public business listings place the company at 249 NW Park Avenue in Portland. It was listed as a ransomware victim associated with bianlian.

frederickco.gov is the official website of the Town of Frederick, Colorado, in the United States, serving a Front Range community north of Denver. The site publishes town government information, departmental services, utility billing and payment options, building services, and other public-facing municipal resources. It also provides contact details for town offices, public works, police, and related local services. The entity was listed as a ransomware victim associated with lockbit3.

Behavioral Health System is a US healthcare organization focused on behavioral health, a field that addresses mental health and substance use concerns through prevention, treatment, and ongoing support. Behavioral health providers typically include clinicians and care teams that deliver counseling, psychiatric care, and related services across inpatient and outpatient settings. In the US, behavioral health is commonly delivered through integrated medical and specialty care models. Behavioral Health System was listed as a ransomware victim associated with Hive.

FMT Consultants is a business technology consulting firm headquartered in Carlsbad, California, that specializes in integrated business management solutions and custom development. It serves organizations seeking technology consulting and implementation support. The company is generally categorized in the Other sector. In threat-intelligence indexes, FMT was listed as a ransomware victim associated with Hive.

City Furniture is South Florida's leading furniture and mattress retailer, operating numerous showrooms across the state with a focus on value and exceptional service. The company, headquartered in Fort Lauderdale, offers home furnishings and decor through both online platforms and in-store experiences, serving residential and commercial customers. With planned expansions throughout Southeast, Southwest, and Central Florida, City Furniture remains a fast-growing business in the furniture retail industry. The company was neutrally listed as a ransomware victim associated with the Hive threat actor in the United States Public Sector.

RALLYE-DOM is a France-based company in the Other sector, with public-facing business details not clearly disclosed in the available search results. Its name suggests an operating entity rather than a consumer brand, but the exact offerings and location are not confirmed by the sources provided. In threat-intelligence catalogs, it is referenced for monitoring as an indexed organization name. It was listed as a ransomware victim associated with hive.

Genus plc is a publicly traded UK company headquartered in Basingstoke, Hampshire, with operations in the United States and other markets. It focuses on animal genetics for dairy, beef and pork production through its ABS bovine genetics and PIC porcine genetics businesses, supplying farmers with improved breeding stock and related services. The company describes itself as a global leader in animal genetics and ag-tech, using scientific innovation to improve livestock performance and sustainability. It was listed as a ransomware victim associated with lockbit3.

ZEUS Scientific is a clinical diagnostic company based in Branchburg, New Jersey, United States, specializing in in vitro diagnostic tests for autoimmune and infectious diseases. The firm offers flexible testing solutions across three platforms: ZEUS ELISA™, AtheNA Multi-Lyte®, and ZEUS IFA™, designed for high performance and ease of use in healthcare settings. Its products are developed and manufactured to support screening and diagnostics in oncology, metabolic diseases, genetic disorders, and autoimmune conditions. ZEUS Scientific was listed as a ransomware victim associated with the threat actor quantum.

vlp.nl is the website of VLP, a Netherlands-based company in Naaldwijk that supplies flexible partitions and bespoke PVC solutions. Its products and services span multiple sectors, including data centres, industry, logistics, food, agriculture, construction, and automotive. The company presents itself as a specialist in custom solutions for workplaces and storage environments, with over 40 years of experience. In threat-intelligence records, vlp.nl was listed as a ransomware victim associated with lockbit3.

iis.ac.uk is the website of The Institute of Ismaili Studies, a higher education, research, and teaching institution in London, GB. Founded in 1977, it promotes scholarship and learning on Islam and Muslim societies, and produces educational materials, publications, and graduate study resources. Its programs and resources support teachers, students, and scholars in multiple countries. The site was listed as a ransomware victim associated with lockbit3.

ETG World is a diversified enterprise with operations across agricultural inputs, chemicals, logistics, food and food processing, energy, and minerals. Its website describes the group as a global business with a strong focus on agricultural commodities and Africa, and its North America arm is based in Mississauga, Ontario, supplying plant-based food products and ingredients. The company operates under the ETG brand and maintains a broad international trade and supply-chain footprint. It was listed as a ransomware victim associated with LockBit3.

Syredis is a French IT and cloud services company that provides infrastructure, hosting, monitoring, and collaborative cloud tools. Its services include infrastructure as a service for servers, networks, and storage, as well as platforms for public-sector communication and IT supervision. The company presents itself around secure, cost-effective systems for applications, data, and operational management. syredis.fr was listed as a ransomware victim associated with redalert.

Mackenzie Medical is a healthcare provider operating in the United States, with public listings tied to medical offices in Oregon and care services in the region. Its offerings include specialty care, diagnostics, treatment procedures, and related outpatient services for patients and communities. As a healthcare-sector organization, it fits the pharma and medical services category used in threat-intelligence indexing. It was listed as a ransomware victim associated with bianlian.

Anderson Insurance Associates is an independent insurance agency based in Charleston, South Carolina, serving clients from offices in Charleston, Pawleys Island, Greenville, and Aiken. It offers personal and business insurance solutions, including auto, homeowners, business, and life coverage, through hundreds of policies from regional and national carriers. The agency describes itself as serving Charleston and the broader Southeast with tailored insurance options. It was listed as a ransomware victim associated with bianlian.

High Power Technical Services is a veteran-owned business headquartered in Louisville, Kentucky, specializing in staffing, Data Center support, Help desk services, and Systems Engineering. The company operates as a major regional service provider for Dish Network, delivering sales, repair, and installation services across Kentucky, Indiana, and Ohio. It offers multi-faceted technician training programs and serves as an authorized retailer of DISH Network products. High Power Technical Services was listed as a ransomware victim associated with the threat actor bianlian.

Mooresville Schools is a public education district in Mooresville, Indiana, serving the local community with five elementary schools, one middle school, and one high school. The district operates as Mooresville Consolidated School Corporation and provides K-12 instruction, with statewide education data reflecting a substantial teaching staff and district-wide enrollment. Its schools are part of Indiana’s public school system and offer standard elementary, middle, and high school programs. It was listed as a ransomware victim associated with bianlian.

Maxey Moverley is a UK-based specialist electronics repair and support company in Redditch, England. It provides high-technology repair and service solutions for security equipment, HVAC and catering equipment, and supports the UK electronics industry. The company was established in 1996 and is registered for repair of electronic and optical equipment. It was listed as a ransomware victim associated with 0mega.

Van Ausdall & Farrar, Inc. is a privately held Indiana services company headquartered in Indianapolis, with offices in Fort Wayne and Evansville. It provides office technology and business technology services, including managed IT, unified communications, print solutions, and related systems for organizations across the Midwest. Company profiles describe it as the state’s largest full-service business technology provider. It was listed as a ransomware victim associated with lorenz.

Biothane USA, also known as BioThane Coated Webbing, is a family-owned manufacturer based in North Ridgeville, Ohio. It produces TPU- and PVC-coated webbing and assemblies for industrial and specialty applications, and describes itself as a leading global supplier with U.S. operations in Northeast Ohio. Public company profiles also place it in the plastics manufacturing sector and note its headquarters in North Ridgeville. It was listed as a ransomware victim associated with Lorenz.

Gresco Utility Supply, Inc. is a Georgia-based distributor serving the electric utility market across the southeastern United States. The company is headquartered in Forsyth, Georgia, and operates additional locations in states including Alabama, Florida, Louisiana, Mississippi, and Tennessee. Gresco describes itself as a full-line stocking distributor focused on utility contractors and related energy-sector needs. It was listed as a ransomware victim associated with lorenz.

SANDO is a Spain-based organization in the Other sector, identified here for threat-intelligence cataloging rather than as a cybersecurity vendor or incident responder. Public information indicates it operates as a business entity in Spain, but this listing does not specify its exact offerings, so they are not inferred here. In threat-intelligence contexts, SANDO is referenced as a ransomware victim entry tied to the Hive ecosystem. It was listed as a ransomware victim associated with hive.

RTVCM is an entity in the Other sector in Mexico. Publicly available search results do not clearly establish its exact business model, location, or offerings, so its profile should be treated as limited and non-specific. In threat-intelligence records, it appears as a named organization rather than a detailed operating company. RTVCM was listed as a ransomware victim associated with hive.

Adapt IT is a South Africa-headquartered IT services and software company based in Johannesburg, with offices in Midrand, Durban, Cape Town and other regional locations. It develops specialised vertical-market software and digitally led business solutions for sectors including education, financial services, energy, mining and telecommunications. Its offerings support customer experience, core operations, business administration and enterprise resource planning. The company was listed as a ransomware victim associated with hive.

Exela Technologies is a US-based information technology and business process automation company headquartered in Texas. It provides workflow automation, cognitive automation, digital mailroom, print communications, and payment-processing solutions for enterprise environments. The company serves industries such as banking, healthcare, and insurance, supporting mission-critical operations across global deployments. It was listed as a ransomware victim associated with Hive.

Apetito is a UK food producer based in Trowbridge, Wiltshire, and part of the wider food and beverage manufacturing sector. It provides prepared meals and food services, with a focus on nutritious, sustainable meals for health and social care customers and other groups. The company also markets its Wiltshire Farm Foods brand in the UK. APETITO was listed as a ransomware victim associated with hive.

GROUP4 AUSTRALIA is an Australian Services-sector company, part of a national economy where services dominate business activity and output. As a Services business, it operates in the broad Australian services market, which includes activities such as professional, administrative, and other business services. The company was listed as a ransomware victim associated with hive.

Authentic Brands Group is a New York–based brand development and licensing company in the services sector. It acquires, owns, and manages sports, media, entertainment, and lifestyle brands, then works through a partner network to commercialize them across countries and retail channels. The company’s public materials describe it as a global brand platform with broad retail and licensing reach. It was listed as a ransomware victim associated with Hive.

Epec.PL is a Polish company in the other sector; based on its name, it appears to be an organization operating in Poland rather than a public-facing consumer brand. Its business scope is not established by the available threat-intelligence records, so the listing should be read as an index entry, not a company profile. The record is used to catalog a reported ransomware-victim mention associated with Ragnar Locker. It was listed as a ransomware victim associated with ragnarlocker.

American International Industries is a Los Angeles, California-based manufacturer and distributor of beauty and skin care products for men and women. Its catalog includes professional beauty products such as waxing supplies and other personal-care items sold under its own brands. The company operates in the communication and marketing-adjacent consumer products space through brand-led product distribution and promotion. It was listed as a ransomware victim associated with quantum.

Summit Care is a U.S.-based healthcare services company that provides contract therapy services across multiple care settings, including hospitals, skilled nursing, and independent or assisted living communities. Its offerings are centered on therapy support for patients and residents, rather than a single-site clinical practice. Publicly available business information identifies Summit Care as operating in the healthcare sector and based in the United States. Summit Care was listed as a ransomware victim associated with ransomhouse.

Upper Peninsula Power Company (UPPCO) is a regulated electric utility based in Marquette, Michigan, in the United States. It provides electric distribution and power supply service to about 52,000 retail customers across 10 counties in Michigan’s Upper Peninsula. Its service area spans roughly 4,460 square miles and is largely rural and forested. UPPCO was listed as a ransomware victim associated with lorenz.

Pontal Engineering Constructions and Developments Files Leak refers to a security incident involving a firm in the Construction and Real Estate sector, with no confirmed location or specific offerings publicly detailed. The entity operates within infrastructure development and property construction, though its exact scope remains unverified in available sources. Ransomware.live reported on 2022-07-11 that the leak was claimed by the threat actor everest, with over 140 GB of data reportedly downloaded from the company's servers. The incident includes personal data of employees among the downloaded files, though no stolen-data types or breach confirmation are officially confirmed. It was listed as a ransomware victim associated with everest.

PSA, short for Professional Sports Authenticator, operates in the collectibles sector and is headquartered in Southern California, with offices in New Jersey, Paris, Hong Kong, Shanghai, and Tokyo. The company is known for authentication and grading services for trading cards, sports autographs, and memorabilia, and it is part of Collectors Holdings. PSA serves a global customer base through its grading and verification operations. It was listed as a ransomware victim associated with BlackByte.

Emprint is a Louisiana-based communication and marketing services company, with roots in commercial printing and document management. Its website describes offerings that include print production, web-to-print, direct mail, kitting, fulfillment, promotional items, and cloud-based document management. Company listings place its headquarters in Lafayette, Louisiana, and identify related operations in Baton Rouge. It was listed as a ransomware victim associated with lockbit3.

acac.com operates acac Fitness & Wellness Centers, a leading recreational fitness facility network headquartered in Charlottesville, Virginia, with locations across Virginia, Pennsylvania, and South Carolina. The company offers world-class fitness amenities including aquatics, spas, fitness classes, and family-friendly wellness programs. Its mission emphasizes medical-integrated fitness, inclusive programming, and community commitment. acac.com was listed as a ransomware victim associated with LockBit3.

OLYMPIA appears to be a business identified in available company references as part of the broader Olympia group, an international investment and hospitality-related organization with operations across multiple countries. Public materials describe Olympia-related entities as active in hotel management, real estate, and diversified business services, with headquarters or primary operations in the United States. Its exact listing context in threat-intelligence records places it in the Other sector. It was listed as a ransomware victim associated with blackbasta.

La Poste Mobile is a French telecommunications operator based in France, with headquarters in Chaville and a consumer-facing website at lapostemobile.fr. It offers mobile plans, prepaid cards, and budget-friendly mobile phones and smartphones for individual customers. The brand presents itself as a major virtual mobile operator in France and supports sales and customer service online and by phone. It was listed as a ransomware victim associated with lockbit3.

stm-com-tw refers to Sin Sheng Terminal and Machine Inc., a terminal and machine company based in Kaohsiung City, Taiwan, specializing in industrial terminal and machine solutions. The entity operates in the industrial sector, providing equipment and machinery services to local and regional markets. It is located at No. 301 Tandi Road, Gangshan District, Kaohsiung, and maintains direct contact via email and phone for business inquiries. The company was listed as a ransomware victim associated with the threat actor cuba, though no specifics on data theft or breach confirmation are publicly disclosed.

Carnbrea.com.au is the website of Carnbrea, a privately owned boutique wealth and investment advisory group based in Melbourne, Victoria, Australia. The firm says it provides financial and investment advice, including personalised financial planning and investment advisory services. Carnbrea serves clients from its Melbourne office on Collins Street. It was listed as a ransomware victim associated with lockbit3.

The Wiener Zeitung media group is an Austrian media house based in Vienna, operating at the intersection of public-information services, journalism, and content production. It publishes Wiener Zeitung (WZ), produces high-quality content, and supports Austria’s media sector through initiatives such as the Content Agentur Austria and Media Hub Austria. Its profile describes it as the media house of the Republic of Austria and a provider of information services. It was listed as a ransomware victim associated with blackbasta.

LOKALTOG is a company in the Other sector, but the available sources do not provide a reliable public profile for its location or specific offerings. Black Basta is a ransomware-as-a-service group that uses double extortion, combining encryption with data-theft pressure on victims. The group has targeted organizations across multiple industries and countries, including the United States and several European markets. LOKALTOG was listed as a ransomware victim associated with blackbasta.

RENZEL is an Other-sector organization whose public-facing business details are not clearly established in the available sources, so its offerings and location cannot be verified here. In threat-intelligence contexts, entities like RENZEL are cataloged by name and sector when public corporate information is limited or inconsistent. Black Basta is a Russia-linked ransomware group that emerged in 2022 and has targeted organizations across multiple industries and countries. RENZEL was listed as a ransomware victim associated with blackbasta.

LYDECKER is a leading national litigation law firm dedicated to providing strategic legal services with a focus on client satisfaction. The firm operates as a full-service, AV-rated national law firm with offices throughout New York, New Jersey, Pennsylvania, and Florida. Its diverse practice areas include insurance defense, professional liability, complex commercial litigation, and more. LYDECKER provides specialized legal services across various industries, ensuring clients receive strategic support. LYDECKER was listed as a ransomware victim associated with blackbasta.

Wipro HealthPlan Services is a Tampa, Florida-based healthcare and health insurance services provider that offers technology-enabled business process and claims management support. Wipro acquired HealthPlan Services in 2016, describing it as a leading technology and business-process-as-a-service provider in the U.S. health insurance market. Its services center on healthcare benefits administration, claims access, and related payer operations. It was listed as a ransomware victim associated with blackbasta.

OLYMPIATILE, also known as Olympia Tile+Stone Inc., is a Canadian wholesale distributor of tile and stone products headquartered in Toronto, Ontario. Founded in 1927, it serves residential and commercial markets with porcelain, ceramic, glass, natural stone, and related tile accessories across North America. Public company profiles also note additional operations in Canada and the United States. It was listed as a ransomware victim associated with blackbasta.

MAIN is a company in the Other sector; public search results provided here do not identify its location, so no specific country or offering can be stated confidently. Based on the name alone, it cannot be reliably characterized beyond a generic business entity without risking inaccuracy. In threat-intelligence indexes, such entries are typically used to track organizations surfaced in ransomware reporting. MAIN was listed as a ransomware victim associated with blackbasta.

TMI is listed as an Other-sector company, but publicly available search results here do not identify its location, core offerings, or operating profile with confidence. In threat-intelligence catalogs, such entries are typically used to index organizations named in ransomware leak-site or victim disclosures. Black Basta is a ransomware-as-a-service group known for double-extortion tactics and broad targeting across industries. TMI was listed as a ransomware victim associated with blackbasta.

Sierra Pacific Industries is the second-largest lumber producer in the United States, headquartered in Anderson, California. As a fourth-generation, family-owned forest products company, it sustainably manages over 2.4 million acres of forestland across California, Washington, and Oregon. The company offers wood products including lumber, moldings, millwork, windows, doors, and house logs. Sierra Pacific Industries was listed as a ransomware victim associated with the BlackBasta threat actor.

DEKIMO is a Belgian electronics and software company headquartered in Watermael-Boitsfort, Brussels Region, with multiple sites across Belgium and nearby European markets. It describes itself as an independent electronics solution provider, serving customers through local presence and engineering services. Public business directories also place it in the electronics and software sector. It was listed as a ransomware victim associated with blackbasta.