All Ransomware Records

750GB+ of stolen data include contracts, confidential , intellectual property data, and more

Human Resources, Projects, Documents, and more. If Sunland Asphalt refuses to pay the ransom, every data will be published to the public.

samples of: Confidential agreements Military personnel (white house service members) related files taxation data

Xybion's Emidence TM platform satisfies our current and evolving future needs with the unique adoption technique of "Your Process - Your Way", Joseph F. Molloy Vice President, Workforce Safety. We wanted to go paperless without impacting our existing business processes. It was a smooth transition for our users thanks to Labwise XD.

Our Lady of the Lake University, founded in 1895 by the Congregation of Divine Providence, is a coeducational institution. - DB - Health - Finance - Admissions - IT - HR And many of more...

At Paul Smith's College, it's about the experience. We are the only four-year institution offering broad-based higher education in the Adirondacks. Our programs...

Confidential, taxation, and financial data

Global IT company with terrible IT security. How can Emtec secure clients when they don't secure their own network? MISRA SUNIL SSN:050-66-2655 Email:[email protected] JOHNSON RICK SSN:252-33-1704 Email:[email protected] DESAI DINESH SSN:516-74-2061 Email:[email protected] CHANDLER GREGORY SSN:220-02-8854 Email:[email protected] BALLINGER VICKI SSN:208-46-9296 Email:[email protected]

The leading manufacturer and distributor of innovative, quality beauty and skin care products for men and women. With 45 years of industry experience.The leading manufacturer and distributor of innovative, quality beauty and skin care products for men and women. With 45 years of industry experience.

https://www.zeusscientific.com/about Zeus Scientific, Inc. manufactures clinical diagnostic solutions. The Company offers flexible solutions for autoimmune and infectious disease testing. AvosLocker team publishes the first part of exfiltrated files from Zeus Scientific Servers, NDA contracts etc

All company projects includes drawings, contracts, and all details employees social security number 401K plans company financial data includes bank accounts information, and taxation reports and more

We downloaded 50GB of internal files from DLS Motors. -- Just 83 years ago, the company Sobera S.A. entered the Paraguayan market, bringing new business opportunities, new projects, new sources of employment and contributing to the sustained economic growth of our country.

We downloaded about 80 gigabytes of internal school documents, including teacher and student contact information, student loan contracts, internal school financial documents, etc

Website - https://alvac.es Company name: ALVAC S.A. Companies System Administrator trying to hide the cyberattack on the ALVAC S.A. servers. Vídeos confidenciales https://vimeo.com/752214614 AvosLocker team is ready to leak more files on the blog, publish video-files and attack networks again. We should agree with you to decrypt your networks and remove all ALVAC S.A. exfiltrated files from AvosLocker team servers. https://twitter.com/PedroFe12181764/status/1575117531957846017 https://twitter.com/search?q=%40alvac&src=typed_query&f=live

We are the most important company in Mexico that integrates water infrastructure projects, with more than 60 years of experience, having developed more than 90 public and private projects. We provide solutions with the highest technology and innovation for water and wastewater treatment.

We are a leading multinational health group committed to keeping communities healthy through our own Comprehensive Health Model, which is based on prevention, identification and management of health risks, and control and management of the disease and the dependency.

1 part of:750GB, Personal folders of key employees, all infrastructure\personal data\accounting, etc.Md. Azharul Islam_6581 36gb - Senior Executive,Production at Aristopharma Ltd. Md. Rubel_10790 4gb - Executive, Production at Aristopharma Ltd...

Managed, Dedicated enterprise-class Cloud hosting for businesses. Citrix Hosting, Virtual Servers.

Semitec Vietnam (SEV) is the 15th subsidiary of Semitec Corporation, headquartered in Japan. The company specializes in manufacturing electronics, sensors.

International provider of analytics, technology solutions and contract research services for the healthcare industry.

Realstar is a company that operates in the Real Estate industry. It employs 251-500 people and has $50M-$100M of revenue. The company is headquartered in Toronto, Ontario, Canada.

Revenue 14kkExcentia Human Services is a nonprofit organization in Lancaster County that provides services for people with developmental needs and autism throughout the lifespan. These services can begin at birth with therapeutic and educati...

Bavelloni SpA provides glass processing technology and services for the architectural, furniture and domestic appliance and solar industries.We encrypted the network of this company. We also stole about 200GB of the date. Financial information. Sal...

Founded in 2010, Aegea is one of Brazil’s largest private sanitation companies. In each town it operates, it takes more health and quality of life to the population, always respecting the environment and local culture. Today, more than 21 million people are served in 154 cities across Brazil.Aegea manages sanitation assets through full or partial common concessions, sub-concessions and public-private partnerships (PPPs) and manages public concessions in the entire water cycle, i.e., supply, collection and treatment of sewage according to the profile and needs of each town.

Rech Informática Ltda is a company that operates in the Staffing and Recruiting industry. It employs 51-100 people and has $10M-$25M of revenue. Headquarters: 460 Rua Tupanciretã, Novo Hamburgo, Rs, 93334-480, Brazil

A small boutique CPA firm located in Irvine California. We provide tax and accounting services to individuals and their businesses. Hands on assistance with tax planning, tax compliance and various other matters. We believe getting to know our client...

Strem established in 1964, is a company that manufactures and markets specialty chemicals of high purity. Strem was acquired by Ascensus Specialties in 2021. Its clients include academic, industrial and government research and development laboratories as well as commercial scale businesses in the pharmaceutical, microelectronic and chemical / petrochemical industries. Strem also provides custom synthesis (including high pressure synthesis) and cGMP manufacturing services.

Pinnacle Communications merged with Justin Hannesson and Pinnacle West LLC to become the company that we are today. This dynamic strength exhibited within both companies merging into one has positioned Pinnacle as one of the most valued brands in the hospitality industry. Through all of 30-plus years, we continue to grow and our reputation for quality service and a robust product line keeps us in the forefront of the niche hospitality market. Pinnacle’s employees have always been the core and heartbeat of the company since the day we started. Along with an unmatched work-ethic, talent and ingenuity, Pinnacle’s all-star staff has survived the many economic and turbulent challenges of the past 30 years. Through it all our proven leadership team and staff have shown great determination and passion for our company, and we look forward to a bright future.

Founded in 1908 and headquartered in Novi, Michigan, MAXION Wheels wheel manufacturer for passenger cars, light trucks, buses, commercial trucks, and trailers.

Custom Software Development Company - Softeq

Loeschgroup – Beschläge, Sicherheits- und Türschließtechnik

South Staffs Water - South Staffordshire Water

SAP Software Solutions - SAP Consulting & Implementation Company

Spinneys UAE - Supermarket and Grocery Delivery in Dubai, Abu Dhabi, Al Ain & Fujairah

Home - Pricedex Software

AC & Heating Services in Orlando, FL - HVAC Installation throughout Volusia, Winter Park, Windermere, Oviedo & Lake Mary, FL

Latournerie Wolfrom Avocats - France et International depuis 25 ans

ENS Security Camera is a Distributor Manufacturer surveillance supplier

Fort Sumner Home Page

Newcourse Communications - Full-service Data-Processing Print Provider

Die HR Software mit Wir-Prinzip

Your value-added distributor - 888VoIP

Orbit Industries, Inc.

Index - Fair Rite

Access denied

The Network Operations Company – Providing Managed IT Services

Family Lawyers in Jacksonville, FL - Zisser Family Law

SA1 Solutions - Award Winning IT Support in Swansea, Cardiff and South Wales

Oakdell Egg Farms - Home

403 Forbidden

Home - Drive & Shine

Homepage - Dymond Reagor, PLLC

CAP Carpet & Flooring Store - Hardwood, Waterproof Tile & Plank Floors, Ceramic Tile, Custom Area Rugs

JB Instant Lawn - Resources

403 Forbidden

Dutton Law Firm - Waterloo Lawyers - Iowa Personal Injury Lawyers

Database Error

Unternehmen

EDAN 理邦仪器

403 Forbidden

Slimstock - Experts In Inventory Management Solutions

403 Forbidden

Welcome to Natus - Natus

SmarterASP.net - Unlimited ASP.NET Web Hosting

通力科技股份有限公司

Singleton Schreiber - Fearless Advocacy

Absolute Results - Helping Dealers Sell Cars Today and Tomorrow

Bolton

403 Forbidden

403 Forbidden

Bluebonnet Nutrition-Vitamins-Minerals-Proteins-Herbs-Supplements

Sunset Healthcare Solutions

Benefit Plan Administrators, Inc.

403 Forbidden

Coulson Group - Leaders in Innovation

National Document Management Specialist » Stor-a-File

Kleinberg Lange Cuddy & Carlo LLP - Entertainment Law Firm

W.D. Manor Mechanical Contractors - W.D. MANOR MECHANICAL CONTRACTORS, INC.

Janitorial Supplies and Equipment - KSS Enterprises

Home - Paragon Global Resources

Pension Benefit Consultants, Inc. – Actuaries and Retirement Plan Administrators

ABCO Automation - Specializing In Factory Automation

Home - ZucchettiKos

403 Forbidden

Agriculture & Turf Equipment & Services - Papé Machinery

KSS Architects

403 Forbidden

Pharmaceutical Manufacturing and Exports, Research and Development in Pharma – Aurobindo Pharma

Foodland Homepage - Foodland

Renal & Vascular Medical Devices - Nipro Medical

Postlethwaite & Netterville (P&N ) - Louisiana - Mississippi - Texas CPA

Shell Global

Stanford University

University of Miami

Home - University of Colorado Boulder

Access denied

Homepage - Bombardier

Access denied

Mobile, Fibre Broadband and TV services provider - Singtel

Symrise I Food & Beverage I Pet Food I Aqua Feed I Fragrance I Cosmetic Ingredients I Aroma Molecules - Symrise

ELAND RETAIL

Home - Parkland

Software & Technology Services and Solutions - Software AG

Housing Finance - Home Loan Company in India - Indiabulls Home Loans

Not Acceptable!

Resources for the Future—Healthy Environment, Thriving Economy

Accueil - Transport Boutin

SIU School of Medicine Home - SIU School of Medicine

TravelStore: Business and Vacation Travel Consultants - TravelStore

Region of Durham

Home - University of California

The University of Maryland - A Preeminent Public Research University

Home - Yeshiva University

Marnell Companies - Industry-Leading Casino Architecture and Design Best Architect and Designer in Las Vegas, NV.

RaceTrac - Whatever Gets You Going

Ihr ganzheitlicher Engineering-Partner - EDAG Group

Wright Medical Group N.V. - a global medical device company

IT Security and Compliance Platform - Qualys, Inc.

Home - M Moser Associates

NOW Foods - Vitamins and Supplements - Essential Oils

CSX rail, intermodal and rail-to-truck transload services - CSX.com

403 Forbidden

Homepage - Transport for NSW

CGG: Global Technology and HPC leader

403 - Forbidden: Access is denied.

Pentair

Global offshore and onshore geotechnical and survey services

American Bureau of Shipping (ABS) Eagle.org

403 Forbidden

Personal pride in our public service - Amey plc

Nova Biomedical develops, manufactures, and sells advanced technology blood testing analyzers and meters.

Midwest New and Used Truck Dealer Group - Allstate Peterbilt Group

Prettl - Think global. Act local.

Just a moment...

Experts in Metering Technology and Water Treatment - ProMinent

Ihr Klebstoffhersteller aus Rohrdorf & Herford - PlanatolPlanatol

Technische Werke Ludwigshafen AG (TWL) - Technische Werke Ludwigshafen AG - Meine Energiequelle: Privatkunden

Leading Transportation Analytics Solutions - INRIX

The MHMR Authority of Brazos Valley is a public non-profit community MHMR center. Through the Texas Department of State Health Services and Texas Department of

Maracaibo, Zulia, Venezuela

Berlina Tbk provides one stop solution for plastic packaging with state-of-the-art technology and machinery, complete product design & development, Tube, Injection Moulding, Blow Moulding, Cap, Decoration and Mould making facilities.

Alvaria, (pronounced: ahl-vahr-ee-uh), a global leader delivering optimized customer experience and workforce engagement software and cloud services technology solutions.

Consultancy and engineering services firm.

Hosting, quick book hosting, sql hosting, exchange hosting.

Corporation manufactures and sells electronic components in Japan and internationally

Passports / SSN / Confidential Docs 

Centrisys is a USA manufacturer of decanter centrifuges for sludge dewatering and thickening. Since 1987 Centrisys has been a leader in decanter centrifuge service and repair for all brands of centrifuges on the market today. CNP - Technology Water and Biosolids, a subsidiary of Centrifuge-Systems, LLC, designs and supplies innovative nutrient recovery and energy optimization systems for wastewater treatment. In this release we can offer you 403 GB of their corporate data.

country: US - revenue: 22.00M

country: US - revenue: 8.00M

country: US - revenue: 145.00M

country: US - revenue: 20.00M

Whatcom County Library System (WCLS) is a public library system serving Whatcom County, Washington, in the United States. It operates library branches, mobile services, and online resources for books, media, digital content, and patron support. WCLS also offers accessibility services, public programs, and procurement-related information through its website. It was listed as a ransomware victim associated with unsafe.

chedimuscat.com is associated with The Chedi Muscat, a 5-star beach resort in Muscat, Oman, located on the Al Ghubra shoreline north of the old city. The property offers beachfront lodging, multiple pools, restaurants, lounges, a spa, and other guest amenities. Its website serves as a hospitality and booking presence for the resort and related guest services. It was listed as a ransomware victim associated with unsafe.

Barakat Travel Co. is a Kuwait-based travel management company established in 1988. It serves individual, corporate, and leisure travelers with services including flight and hotel bookings, holiday packages, cruise reservations, car hire, train tickets, and medical travel. The company presents itself as a local travel specialist with offices in Kuwait and a focus on tailored travel solutions. It was listed as a ransomware victim associated with unsafe.

UCAR is a French vehicle-rental company based in Boulogne-Billancourt, in the Île-de-France area, with its head office on rue Louis Pasteur. Its website presents UCAR as a local car-rental network that lets customers book vehicles online, search offers by city or postal code, and find nearby agencies across France. The company promotes short-term rentals of cars and utility vehicles through a broad agency network and online reservation tools. It was listed as a ransomware victim associated with unsafe.

Interface is a US-based commercial flooring company headquartered in Atlanta, Georgia. It designs, produces, and sells modular carpet tile, resilient flooring, and related hard-surface products for commercial spaces. The company describes itself as a global leader in modular flooring and highlights sustainability as a core part of its offering. In threat-intelligence listings, Interface was associated with the ransomware actor Hive as a victim.

Liberty Pultrusions is a U.S. manufacturer based in Pittsburgh, Pennsylvania, that produces engineered fiberglass reinforced plastic (FRP) pultrusions. The company says it has more than 40 years of experience in the FRP industry and offers custom pultruded products in a range of shapes and sizes for manufacturing and engineering applications. In threat-intelligence listings, Liberty Pultrusions was identified as a ransomware victim associated with karakurt.

Wrapex Industrial Services is a Western Canadian industrial services company that provides industrial insulation, glycol tracing, utilidor work, and scaffolding services. Its operations support manufacturing and engineering environments across industrial projects in Canada. The “Wrapex Industrial - Leaked” entry identifies the company in a threat-intelligence context as a manufacturing/engineering-sector target. It was listed as a ransomware victim associated with Ragnar Locker.

Zehnder's of Frankenmuth is a Michigan hospitality and retail business based in Frankenmuth, with its main site on South Main Street in the city’s downtown district. Its brand includes Zehnder’s Marketplace, which sells food, gift items, fresh baked breads, pastries, sweet treats, and private-label products through in-store and online channels. The company traces its origins to 1929 and operates as a long-running regional destination for dining and retail. It was listed as a ransomware victim associated with royal.

North Idaho College is a public community college in Coeur d'Alene, Idaho, with additional locations in Post Falls and Rathdrum. It offers more than 80 degrees and certificates, including transfer programs and career and technical education. The college serves students through academic, workforce, and training programs across its regional campuses in northern Idaho. It was listed as a ransomware victim associated with Hive.

Innovative Education Management (IEM) is a California education organization based in Placerville, California, that develops and operates charter schools. It has served California charter schools since 1998 and offers a tuition-free, individualized education model through independent-study and public charter programs. Public profiles describe it as focused on personalized learning and school management services for students and families. It was listed as a ransomware victim associated with Hive.

Dixons Allerton Academy is an all-through school and sixth form in Allerton, Bradford, West Yorkshire, England. It serves pupils from primary through post-16 education and operates within the education sector. The academy is located on Rhodesway in Bradford and is part of the Dixons Academies Trust. It was listed as a ransomware victim associated with Hive.

City Of Huntsville, Texas is a municipal public sector government in Huntsville, Texas, serving residents through city departments and administrative services. The city’s official website and municipal directory identify it as the City of Huntsville, with offices at 1212 Avenue M and a local government structure that supports public health, safety, and welfare. It operates as a city administration in the United States and provides public information, services, and community notices. The City of Huntsville, Texas was listed as a ransomware victim associated with hive.

Serena Hotels is a hospitality group operating hotels, resorts, safari lodges, camps, and forts across East Africa, Southern Africa, Central Asia, and South Asia. Its properties are positioned in travel and leisure destinations, serving guests through accommodation, dining, events, and resort experiences. The brand’s portfolio includes city hotels and destination lodges in countries such as Kenya and Tanzania. Serena Hotels - Leaked was listed as a ransomware victim associated with ragnarlocker.

FREDERICK Public Schools is a public school district in Frederick County, Maryland, serving students across elementary, middle, high, charter, and other education centers. The district operates a K-12 public education system for the county’s residents and maintains multiple schools and support facilities. In threat-intelligence indexing, it is cataloged as a ransomware victim. It was listed as a ransomware victim associated with vicesociety.

McNamara & Thiel Insurance Agency is an independent insurance agency in Fond du Lac, Wisconsin, serving clients in the finance, legal, and insurance space. Its public company profiles describe it as a full-service agency offering personal, business, life, and health coverage, including auto, homeowners, farmowners, renters, and workers compensation insurance. The agency says it works with multiple carriers to match policies to client needs and budget. It was listed as a ransomware victim associated with vicesociety.

JEALSA is a Spanish family-owned enterprise founded in 1958, headquartered in Boiro, Galicia, ES, specializing in the manufacturing and commercialization of canned fish and seafood products. As a leading processor and manufacturer in the food and beverages sector, the company operates as a self-owned entity with over 1,000 employees, serving as a top canned food producer in Spain and second in Europe. JEALSA RIANXEIRA S.A. is part of its corporate structure, reflecting its role in the broader manufacturing and engineering landscape of the seafood industry. The company was listed as a ransomware victim associated with the threat actor vicesociety, marking it as an affected entity in recent cyber-threat intelligence reports.

Communications Solutions Company is a Saudi Arabian company based in Riyadh, Saudi Arabia. Public business profiles describe it as a communications and telecom-networking services provider specializing in telecommunication and networking field services. The company has operated since 1999 and serves as a specialist in communication services for enterprise and infrastructure environments. It was listed as a ransomware victim associated with vicesociety.

Priority Building Services, LLC is a commercial janitorial and facilities maintenance company headquartered in Brea, California, serving clients across California, Arizona, and Nevada. The firm provides tailored interior and exterior maintenance solutions for commercial real estate, healthcare, education, and retail sectors. With over three decades of experience, it supports Fortune 500 companies with comprehensive janitorial and landscaping services. Priority Building Services, LLC was listed as a ransomware victim associated with the threat actor vicesociety.

Waikato District Health Board was a district health board that provided healthcare services to the Waikato region of New Zealand, operating from Hamilton as its headquarters. It offered a range of medical services within the hospital and healthcare sector, including surgical procedures, management of medical conditions, and support for patients during and after hospital stays. The organization also provided guidance on lifestyle factors and managed contractors and car parks while ensuring secure storage for medication and equipment. Waikato District Health Board was formally disestablished on 1 July 2022 when its functions were assumed by Health New Zealand. The board was listed as a ransomware victim associated with the threat actor vicesociety.

Whitehouse Independent School District is a public school district in Whitehouse, Texas, in Smith County, serving students from pre-kindergarten through grade 12. It operates multiple schools and provides K-12 education and district support services for the local community. Whitehouse ISD is part of the education sector and maintains public-facing finance, enrollment, and school information for families and staff. It was listed as a ransomware victim associated with vicesociety.

SparJames Hall & CompanyHeron and Brearley operates within the Healthcare and Pharma sector, delivering essential health-related products and services. The entity is based in the United Kingdom and focuses on offerings aligned with consumer and pharmaceutical healthcare needs. It was listed as a ransomware victim associated with the threat actor vicesociety.

Higher School of the Public Ministry of the Union is a Brazilian public-sector institution tied to the federal Public Ministry, based in Brazil and focused on training, research, and professional development for legal and public-service audiences. As a higher-education and institutional learning body, it offers courses and educational programs that support the ministry’s work and public-sector capacity building. In threat-intelligence listings, it was identified as a ransomware victim associated with vicesociety.

San Luis Coastal Unified School District is a public school district in San Luis Obispo County, California, serving communities including San Luis Obispo, Morro Bay, Los Osos, and parts of Pismo Beach. It educates students from preschool through grade 12 and also operates an adult school. The district serves roughly 7,500 to 7,741 students across its schools and programs. It was listed as a ransomware victim associated with vicesociety.

Consejo Superior de Investigaciones Científicas (CSIC) is Spain’s largest public research institution and a state agency focused on scientific and technical research. It is based in Madrid and operates across multidisciplinary institutes and centers throughout Spain, supporting research, collaboration, and technology development. As a public-sector organization, it serves scientific, technological, and advisory functions for the Spanish state. It was listed as a ransomware victim associated with vicesociety.

Family Medicine CentersFMC Clinics is a healthcare provider in the United States that offers family medicine and primary care services for patients seeking routine and ongoing medical treatment. Public clinic listings for similarly named FMC locations show outpatient care, wellness visits, chronic-disease management, and same-day appointments in community settings. In healthcare and pharma, family medicine centers typically serve children and adults across general preventive and diagnostic care. It was listed as a ransomware victim associated with vicesociety.

Sae-a is a South Korea-based global conglomerate with operations across clothing, food, home, paper and packaging, construction, infrastructure, technology, and cultural industries. Its apparel arm, Sae-A Trading, is a global clothing manufacturer and exporter with production in multiple countries. The group’s business profile places it in manufacturing and engineering-related activities through a broad industrial portfolio and international factory network. It was listed as a ransomware victim associated with cuba.

Teknowsource.in is a management consultancy based in Thane, Maharashtra, India, specializing in staffing, payroll, and team-building services for clients operating in India. The firm assists businesses in setting up captive units, office infrastructure, and acquiring performance teams, serving the NGO and association sector. It operates as a private limited company, Teknowsource Management Consultants Pvt Ltd, with a focus on high-performance team development. The entity was neutrally listed as a ransomware victim associated with the LockBit3 threat actor.

Xavier University of Louisiana is a private, historically Black, Catholic university in New Orleans, Louisiana, offering undergraduate and graduate programs across liberal arts, sciences, and professional fields. Its academic divisions include education and counseling, reflecting a broader focus on teaching, research, and student development. The university serves a mostly undergraduate student body in an urban campus setting and is known for its science and professional preparation programs. It was listed as a ransomware victim associated with vicesociety.

JAKKS Pacific Inc. is a U.S.-based company headquartered in Santa Monica, California, that designs, develops, produces, and markets toys, games, leisure products, and other consumer products sold worldwide. The company operates as a multi-brand manufacturer and marketer with a broad consumer-facing portfolio. In threat-intelligence catalogs, it is listed as a ransomware victim associated with hive.

Stolle Machinery is a U.S.-based manufacturing and engineering company headquartered in Centennial, Colorado, with additional operations in Ohio and other global locations. It develops and supports machinery for the can-making industry, including equipment used to produce two-piece cans and ends. The company says it maintains facilities around the world to provide local service and support to customers. It was listed as a ransomware victim associated with hive.

Keralty is a multinational healthcare group based in Colombia that delivers health services through hospitals, outpatient centers, emergency care, dental care, and related provider networks. The company says it operates a comprehensive health model focused on prevention, treatment, and rehabilitation, supported by more than 40 years of experience in care delivery and operations. Its offerings span managed health services and medical care across multiple markets. It was listed as a ransomware victim associated with ransomhouse.

Jeppesen is a U.S.-based aviation and transportation company headquartered in Denver, Colorado, with additional operations in Gothenburg, Sweden. It provides flight information, navigation data, flight planning, and operations and logistics software and services for airlines and other air operators. The company is a Boeing subsidiary and has long served the global air-transport sector with tools designed to improve efficiency and reliability. Jeppesen was listed as a ransomware victim associated with blackbasta.

The Exchange Bank is a U.S. community bank in the Finance / Legal / Insurance sector, serving customers through local branches and standard banking services. Its offerings include deposit accounts and lending, with commercial, residential, and consumer loan options. The bank presents itself as a full-service institution focused on personal and business banking. It was listed as a ransomware victim associated with blackbasta.

Sterling is a nonprofit-focused banking and support brand in Nigeria, known for serving NGOs and associations through fee-free corporate account services and related financial tools for charitable organizations. Its offerings are designed to help nonprofit groups reduce operating costs and manage everyday banking needs more efficiently. Public reporting describes Sterling CARES as a free banking service aimed at legal entities operating for social benefit, with a focus on supporting philanthropy and sustainable development work. Sterling was listed as a ransomware victim associated with blackbasta.

MARK-TAYLOR is a communication and marketing company that provides branding, messaging, and related services for business audiences. Public company materials also place Mark-Taylor, Inc. in the United States, reflecting its commercial footprint in the U.S. market. In a threat-intelligence index, the entity is cataloged under the Communication / Marketing sector. It was listed as a ransomware victim associated with royal.

Polyflor.co.nz operates as a vinyl flooring specialist in New Zealand, offering commercial and residential flooring solutions since launching in Australia and New Zealand in 1963. The company provides tailored flooring products for diverse needs including aged care and commercial projects, with support throughout customer projects. Based in New Zealand, Polyflor.co.nz serves clients across the Communication and Marketing sector with durable vinyl flooring options. The entity was listed as a ransomware victim associated with Lockbit3, reflecting its inclusion in threat-intelligence records of affected organizations.

Catalyst Group is a New Zealand services company based in Auckland that provides commercial property solutions, including end-to-end design and build, project delivery, and fit-out consultancy. The company says it has delivered commercial property work nationwide since 1999 and maintains in-house expertise across architects, designers, engineers, builders, and contract managers. Public business listings also place its headquarters in Auckland and identify it as a New Zealand company. It was listed as a ransomware victim associated with lockbit3.

stmc.edu.hk is the website of Sha Tin Methodist College, a government-subsidized secondary school in Sha Tin, Hong Kong, sponsored by the Methodist Church, Hong Kong. Founded in 1983, it serves local students and provides secondary education, with school information, academic details, and contact resources published on its site. The institution operates in Hong Kong’s education sector and is associated with the local school system. It was listed as a ransomware victim associated with lockbit3.

Monte Cristalina S.A. is a Brazil-based manufacturing company, according to business directory and company-profile sources that identify it in the manufacturing sector. Available profiles place the company in Brazil and describe it as a small operating business, but do not provide a detailed public product or service line. The company name is also associated with Brazilian corporate records and directory listings. It was listed as a ransomware victim associated with lockbit3.

jka.co.uk is a retail and e-commerce business operating in Great Britain, offering online shopping services to customers across the UK. The company is based in Great Britain and focuses on delivering retail products through its digital platform. It was listed as a ransomware victim associated with the threat actor lockbit3.

Mayflower Dental Group is a dental care provider in Nova Scotia, Canada, with offices in Sydney, Sydney River, Sydney Mines, North Sydney, and Glace Bay. It offers general dentistry services across multiple locations serving patients in Cape Breton. The practice presents itself as a local provider focused on accessible family dental care. It was listed as a ransomware victim associated with lockbit3.

Agri Obtentions is a French seed company based in Guyancourt, France, and a subsidiary of INRAE. Founded in 1983, it develops, promotes, and commercializes varietal innovations for agriculture, including crop and seed solutions for farming systems. Its work supports research-led breeding and the supply of plant varieties to the agricultural and food chain. It was listed as a ransomware victim associated with LockBit3.

womgroup.com is the website of Worldwide Oilfield Machine (WOM), a multinational oilfield equipment manufacturer with operations in India and other global locations. The company says it provides custom solutions for drilling, testing, production, and intervention equipment for the upstream oil and gas sector. Its India presence is reflected in its Pune, Maharashtra location and broader manufacturing and engineering footprint. It was listed as a ransomware victim associated with lockbit3.

RGV Firm operates as a Texas trial law firm serving clients in business and commercial litigation, construction industry litigation, insurance litigation, and personal injury matters. Its website and professional listings show a practice centered on insurance and civil disputes, with offices in McAllen, Texas. The firm serves the Finance / Legal / Insurance sector and presents itself as a litigation-focused legal services provider. It was listed as a ransomware victim associated with lockbit3.

Business Central NZ is a New Zealand business membership association based in Wellington and serving employers and clients across the country. It provides business support services including employment relations advice, human resources consulting, health and safety support, legal guidance, and export services. The organisation also offers an AdviceLine and other member-focused support through its Business Central and Wellington Chamber network. It was listed as a ransomware victim associated with lockbit3.

Mercury IT is a New Zealand ICT services organisation that provides IT support, IT infrastructure, private and public cloud, cybersecurity, internet services, telecommunications, and software development. It serves organisations across New Zealand from offices in Auckland, Wellington, Hamilton, Christchurch, Tauranga, Queenstown, and Melbourne. The company presents itself as a full-service IT provider for business customers seeking managed technology support. It was listed as a ransomware victim associated with lockbit3.

senateshj.com belongs to SenateSHJ, an Australian communication and public relations consultancy based in Melbourne and Sydney. The firm helps organisations manage reputation, change, and engagement through communication services. Public profiles describe it as one of Australasia’s successful independent consultancies serving clients across the sector. It was listed as a ransomware victim associated with lockbit3.

Accuro.co.nz is the website for Accuro, a 100% New Zealand-owned, not-for-profit health insurer now operating under UniMed. It provides health insurance for individuals, families, children, visitors, work visa holders, and businesses, with products such as SmartCare, SmartCare+, KidSmart, SmartStay, StaffCare, and StaffCare+. The company serves members from New Zealand and offers cover and claims support through its member portal and related policy services. It was listed as a ransomware victim associated with lockbit3.

Doctors Center Hospital is a healthcare provider in Puerto Rico, with locations in San Juan and Dorado under the Doctors' Center Hospital Orlando Health name. Its facilities offer hospital care and related services such as imaging, laboratory testing, a pharmacy, and other patient services. The organization serves patients across the island through coordinated clinical and support operations. It was listed as a ransomware victim associated with projectrelic.

TLC is a communication and marketing company based in the United States. Public business listings describe it as a boutique firm that provides marketing consulting and related promotional services to help local businesses connect with customers. In industry directories, TLC is also characterized as offering creative marketing support and communications services. It was listed as a ransomware victim associated with karakurt.

Bevolution Group is a Chicago, Illinois-based food and beverage manufacturer serving the hospitality, foodservice, and tourism markets. It produces beverage solutions including smoothie bases, cocktail mixes, juices, concentrates, and related shelf-stable and frozen products. Public company profiles also describe operations in manufacturing and distribution for institutional and commercial customers. The company was listed as a ransomware victim associated with Karakurt.

OPUS IT Services Pte Ltd is a Singapore-based services company that provides IT services and solutions, with a principal activity in computer and peripheral maintenance and help desk services. Public company profiles also describe its offerings as enterprise IT support outsourcing and customer support. The company is registered in Singapore and operates from Kaki Bukit Avenue 1. It was listed as a ransomware victim associated with play.

H-Hotels GmbH is a family-run hotel company with nearly 50 years of experience, operating over 60 properties across Germany, Austria, Switzerland, France, and Hungary. The company manages facilities under its own brands including HYPERION, H4 Hotels, and H2, serving the Hospitality, Food & Beverage, and Tourism sectors. As one of the largest privately managed hotel companies in Germany, it is headquartered in Berlin and was acquired by Berlin-based HR Group in February 2026. H-Hotels was listed as a ransomware victim associated with the Play threat actor.

C???e????? ????????????? is an organization in the Other sector, based in South Africa, with activities reflected in its listing name and business profile. Public threat reports describe Play as a ransomware group that targets organizations across sectors and uses double extortion to pressure victims. In this index, C???e????? ????????????? is listed as a ransomware victim associated with Play.

Creta Farm is a Greek food company based in Athens, Greece, and it operates in the agriculture and food sector. Company profiles describe it as a producer of packaged food products, including pork meat, cold cuts, and other meat products, and note its food-services activity. It has also been described as a major Greek meat producer. Creta Farm was listed as a ransomware victim associated with play.

Conform is an Other-sector company based in the United States. Publicly available search results do not provide enough authoritative detail to verify its specific offerings or operations. Royal is a ransomware variant first observed in 2022 and used against organizations across multiple sectors worldwide. Conform was listed as a ransomware victim associated with Royal.

S?????????? is an Other-sector organization. Publicly available sources in the threat-intelligence record do not provide enough verified detail here to identify its location or offerings without risking speculation. Play is a financially motivated ransomware group known for double-extortion attacks, and this listing records S?????????? as one of its victims. The entry notes S?????????? as a ransomware victim associated with play.

All Seasons Global Solutions is a Kearny, New Jersey-based services company that provides moving, storage, furniture installation, warehousing, and hospitality project support. Its public materials describe turnkey services for commercial and residential relocations, FF&E work, logistics, and project management. The company operates from 909 Newark Tpke in Kearny and serves clients across related service lines. It was listed as a ransomware victim associated with royal.

Australian Real Estate Group Pty Ltd is an Australian company in the Construction / Real Estate sector, with a registered presence in Victoria, Australia. ABN Lookup lists the entity under that name and classifies it as active, indicating it operates as a corporate business in the Australian market. Companies in this sector commonly provide property-related services, development, investment, or project delivery. It was listed as a ransomware victim associated with bianlian.

University Institute of Technology of Paris is a French higher-education institution in the education sector, based in Paris. As a university technical institute, it offers post-secondary programs designed to provide professional and technical training linked to specific careers. Its mission emphasizes academic quality, innovation, and professionalization for students. It was listed as a ransomware victim associated with vicesociety.

Arsat (Empresa Argentina de Soluciones Satelitales S.A.) is Argentina’s state-owned telecommunications company, headquartered in Benavídez, Buenos Aires Province. It provides satellite communications, operates data centers, and manages the Federal Fiber Optic Network and digital terrestrial television infrastructure. The company supports national connectivity and digital services across Argentina. It was listed as a ransomware victim associated with play.

JMicron Technology Corporation is a Taiwan-based fabless IC design company headquartered in Hsinchu Science Park, Hsinchu, Taiwan. Founded in 2001, it develops semiconductor solutions for high-speed data and signal interfaces, including bridge controllers and storage-related chips. The company operates in the Other sector and serves global electronics markets. It was listed as a ransomware victim associated with play.

Mol is a business in the Other sector; the available search results do not provide a reliable public profile for its country, offerings, or operating footprint. Because the entity name is not clearly identifiable from the results, no additional company details can be stated with confidence. Royal is a ransomware threat group known for targeting organizations across multiple sectors. Mol was listed as a ransomware victim associated with Royal.

Publicare is a public sector organization in the United States, a category that includes government-run services and institutions that support the public. Public-sector bodies typically provide essential services such as education, transportation, utilities, health, and other civic functions. In this index, Publicare is cataloged as a ransomware victim associated with the threat actor vicesociety.

Spa is an other-sector entity with no additional public profile provided in the available sources, so its exact location and offerings cannot be confirmed here. BianLian is a highly active ransomware and extortion group that has targeted organizations across multiple sectors, including professional services, manufacturing, healthcare, and property development, with activity reported in North America, Europe, India, and Australia. Public reporting describes BianLian as an extortion-focused actor that pressures victims through data theft and leak-site exposure, rather than relying solely on encryption. Spa was listed as a ransomware victim associated with BianLian.

Company, LLC is a limited liability company in the Services sector, a business form that separates the company from its owners and is commonly used by small and midsize firms. As an LLC, it operates as a distinct legal entity under state law, with the flexibility and liability protection associated with this structure. Public details on its offerings and location are not available in the provided sources. It was listed as a ransomware victim associated with bianlian.

Q.E.P. Co., Inc. is a U.S.-based company headquartered in Boca Raton, Florida, and it presents itself as a global brand serving the home-improvement and flooring market. Its business focuses on tile installation tools and related products, with operations and facilities in the United States, Canada, Europe, and Asia. Public company materials and branding pages also identify marketing communications as a corporate function within the organization. Q.E.P. was listed as a ransomware victim associated with Royal.

The Keenan Agency Inc is a long-established insurance agency based in Dublin, Ohio, providing commercial and personal insurance solutions to thousands of clients across Central Ohio. Founded in 1938, the agency offers home, auto, business, and renters insurance through partnerships with major carriers like Travelers and Liberty Mutual. It operates as an independent insurance services office serving the Communication and Marketing sector within the US market. The Keenan Agency Inc was neutrally listed as a ransomware victim associated with the threat actor royal.

Lamtec Corporation is a privately owned building materials supplier based in Mount Bethel, Pennsylvania, in the United States. It describes itself as a global supplier of insulation vapor retarders and facings for leading manufacturers, laminators, and fabricators. Company profiles also place it in wholesale building materials and note its work serves the building products market. In threat-intelligence listings, Lamtec was reported as a ransomware victim associated with Royal.

Naulty, Scaricamazza & McDevitt, LLC is a client-focused regional defense litigation law firm based in Philadelphia, Pennsylvania, serving clients across Pennsylvania, New Jersey, and Delaware. The firm operates in the legal services sector and is described in industry listings as a full-service defense law practice in the Philadelphia metropolitan area. It was listed as a ransomware victim associated with royal.

Cristal Controls is a Quebec-based company that develops energy management, lighting control, temperature control, humidity control, and automation systems for commercial and industrial buildings. Its website says it has operated in Quebec since 1991 and describes solutions for lighting, heating, and energy management, alongside SCR/SSR controllers and related products. Company materials also list an office in Quebec City, Canada, and an online service for selling electronic products and accessories. It was listed as a ransomware victim associated with royal.

M2S Electronics operates in the Communication / Marketing sector and presents supply-chain-focused services through its Canadian business. Its public materials describe customized programs designed to anticipate uncertainty, reduce supply-chain risk, and support inventory planning. The company name is also used in industry pages for electronics-related operations, but the public record provided here is limited. It was listed as a ransomware victim associated with royal.

Los Angeles Business Journal is a Los Angeles, California-based business news publisher that covers the local economy and provides editorial, research, print, and digital subscription offerings. It operates from Santa Monica Boulevard and publishes business news, lists, and special supplements for readers and subscribers in the region. Its coverage focuses on the companies, industries, and market activity shaping the Los Angeles area. The organization was listed as a ransomware victim associated with royal.

Virginia Farm Bureau is a Virginia-based organization focused on agriculture and rural communities, with headquarters in Richmond, Virginia. It promotes the future of Virginia agriculture and supports farmers through membership, advocacy, and related services. Its agriculture programs include grain purchasing from Virginia farmers, while its broader family of companies also includes insurance and health-related offerings. Virginia Farm Bureau was listed as a ransomware victim associated with royal.

McAndrews Law Offices is a Pennsylvania law firm founded in 1982 and based in Berwyn, with a Forest City office also listed in public profiles. The firm provides legal representation in special education, estate planning, elder law, disability matters, and related family-focused services. Its website describes a national practice serving clients across Pennsylvania and nearby states. McAndrews Law Offices was listed as a ransomware victim associated with Royal.

The Law Firm of Friedman + Bartoumian is a US-based legal entity operating within the Finance, Legal, and Insurance sectors, specializing in litigation, regulatory, and transactional representation for multinational and Fortune Top 100 clients. The firm offers broad legal expertise including workers' compensation defense, business litigation, insurance law, employment law, and general liability defense. It is headquartered in Agoura Hills, California, and has been recognized for its expertise in insurance law and service to major insurance carriers. The firm was recently renamed to The Law Offices of Heywood G. Friedman, reflecting its evolution while maintaining its core practice areas. The Law Firm of Friedman + Bartoumian was listed as a ransomware victim associated with the royal threat actor.

Tubular Steel Inc is a steel products company in the manufacturing and engineering sector, headquartered in St. Louis, Missouri, with operations in Canada as listed in this index. It distributes and processes carbon, alloy, and stainless steel pipe, tubing, and bar products for industrial customers, and says it provides tube and pipe solutions that help reduce fabrication and manufacturing costs. Company materials also describe multiple operating sites and a broad inventory of pipe and tube combinations. It was listed as a ransomware victim associated with royal.

RMCLAW appears to operate in the Finance, Legal, and Insurance space in the United States, serving clients where regulatory, contractual, and security controls are critical. Public-facing source material does not provide a reliable description of its specific offerings, so the company is best characterized by its sector and location. In threat-intelligence catalogs, it is indexed because of a ransomware event attribution. RMCLAW was listed as a ransomware victim associated with royal.

Cates Control Systems is a U.S.-based industrial automation and controls company in the Services sector, headquartered in Plano, Texas. It designs and implements control systems, with offerings that include system integration, panel fabrication, process automation, instrumentation, and control products for manufacturers. The company says it has supported industrial automation and control applications for more than 40 years. It was listed as a ransomware victim associated with royal.

Trussbilt LLC is a U.S.-based manufacturer serving the building construction and security market, with headquarters in Vadnais Heights, Minnesota, and operations in Huron, South Dakota. It produces detention and security products, including security wall panels, detention doors and frames, security ceilings, security floors, and related specialty systems for new construction and retrofit projects. The company also provides services for architects and offers design/build support for security-focused applications. Trussbilt LLC was listed as a ransomware victim associated with Royal.

Duplicator Sales & Service is a family-owned office technology company based in Louisville, Kentucky, serving Louisville, Lexington, Elizabethtown, and Southern Indiana. Founded in 1959, it provides office equipment, service, supplies, and related print and IT support for businesses and organizations. The company also operates from additional Kentucky locations, including Lexington. It was listed as a ransomware victim associated with royal.

PGT Innovations is a Florida-based manufacturer and supplier in the fenestration and garage door industries, best known for windows and doors. The company was headquartered in Nokomis, Florida, and described its portfolio as focused on impact-resistant and technically advanced products. It operated as a national brand before being acquired by MITER Brands. PGT Innovations was listed as a ransomware victim associated with Royal.

Summit Companies is a U.S.-based fire protection and life safety services provider headquartered in Mendota Heights, Minnesota. It operates nationally, serving facilities across industries and regions with fire suppression, alarm, inspection, and related safety services. Public company information describes it as a specialized provider focused on full fire and life safety coverage. It was listed as a ransomware victim associated with royal.

Adams-Friendship Area School District is a public K-12 school district located in Friendship, Wisconsin, serving approximately 1,286 students across Adams County with grades from PK to 12. The district operates three schools and provides comprehensive educational programs to its community, with a corporate office at 201 W 6th St in Friendship. It is part of the broader Education sector in the United States, focusing on early literacy and middle school initiatives. Adams-Friendship Area School District was neutrally listed as a ransomware victim associated with the Royal threat actor.

Vincent Fister, Inc. is a family-owned moving and storage company established in 1953, headquartered in Lexington, Kentucky. The firm provides full-service packing, unpacking, crating, and debris removal, with specialized transport for medical centers, schools, and military relocations. It serves residential, commercial, and long-distance clients across Central Kentucky and beyond. Vincent Fister, Inc. was listed as a ransomware victim associated with the royal threat actor.

Leo Hamel Fine Jewelers is a jewelry retailer based in San Diego, California, with locations in the San Diego area. Its offerings include vintage and new jewelry, luxury watches, custom designs, jewelry repairs, appraisals, and estate buying. The company has operated in San Diego since 1980 and serves customers through its storefronts and jewelry-buying services. It was listed as a ransomware victim associated with royal.

Gage Brothers is a Sioux Falls, South Dakota company known for precast concrete manufacturing and related construction products for commercial and infrastructure projects. The business has operated in Sioux Falls since 1915 and has maintained its plant on North Bahnson Avenue, serving the regional construction market with engineered concrete solutions. Public company information also identifies it as part of the broader concrete manufacturing sector. It was listed as a ransomware victim associated with karakurt.

Rudman is a United States business in the broad “Other” sector, but publicly available sources in this search set do not clearly identify its core offerings, so the company should be described conservatively. The name appears in a threat-intelligence context rather than as a widely documented operating brand, and no verified first-party incident details are available here. In cataloging terms, Rudman is treated as a ransomware victim entry for intelligence indexing and entity correlation. It was listed as a ransomware victim associated with bianlian.

Meisenkothen refers to Early, Lucarelli, Sweeney & Meisenkothen, a U.S. law firm with offices in New York, New York, and New Haven, Connecticut. The firm focuses on legal services for mesothelioma victims and their families, including asbestos-related claims and related representation. Its practice is centered on plaintiff-side asbestos and mesothelioma matters, making it part of the professional services sector in the United States. It was listed as a ransomware victim associated with bianlian.

hcisystems.net belongs to HCI Systems, Inc., a California-based services company that operates as a licensed systems integration contractor. The company says it provides fire protection, life safety, security, nurse call, and related services, with headquarters in Ontario and additional California offices. Its offerings include sales, engineering, installation, service, and maintenance for commercial and industrial facilities. It was listed as a ransomware victim associated with bianlian.

Eureka Casino Resort is a hospitality property in Mesquite, Nevada, offering hotel accommodations, a casino, dining, and resort amenities for visitors and local guests. Its website highlights guest rooms, restaurants, special offers, and leisure services, reflecting a tourism-focused entertainment venue. The property is associated with the eurekamesquite.com domain and is located on Mesa Boulevard in Mesquite. It was listed as a ransomware victim associated with bianlian.

Emilio Sanchez American School is a private international school in the education sector, with campuses in El Prat de Llobregat near Barcelona, Spain, and in Naples, Florida, in the United States. It offers an international curriculum, including Advanced Placement programs, and operates within the Emilio Sánchez Academy environment, where sports form part of the school experience. The school presents itself as a cross-border option for students seeking an international education in a bilingual, college-preparatory setting. It was listed as a ransomware victim associated with bianlian.

Aria Systems is a San Francisco, California-based software company in the services sector. It provides Aria Billing Cloud, a SaaS billing automation platform built to support complex usage and subscription business models. The company also promotes related go-to-market services and support through its platform. In threat-intelligence listings, Aria Systems was identified as a ransomware victim associated with BianLian.

CIMT College is a private career college in Ontario, Canada, with campuses in Mississauga, Brampton and nearby Greater Toronto Area locations. Its official site describes diploma programs and certificate courses in business, PSW, IT, healthcare, telecom and trades, serving students seeking job-oriented training. The college presents itself as a registered career college with multiple campus locations and career-focused offerings. It was listed as a ransomware victim associated with bianlian.

ZXP Technologies is a Texas-based company headquartered in Highlands, Texas, that operates in specialty lubricant manufacturing, blending, packaging, and distribution. Public company profiles describe it as a provider of premium lubricant-based products and related supply services for industrial and commercial customers. Its business is listed in the IT sector for this catalog entry, reflecting the indexing framework rather than a public corporate classification. It was listed as a ransomware victim associated with bianlian.

Universidade Catolica Portuguesa is a prestigious private university established in 1967, headquartered in Lisbon, Portugal, with four campuses across Lisbon, Braga, Porto, and Viseu. The institution offers undergraduate and graduate programs in diverse fields including business, economics, human sciences, political science, and social and cultural communication studies. It is home to 19 faculties, with 8 located at its Palma de Cima campus in central Lisbon, and is recognized as the best university in Portugal for four consecutive years. Universidade Catolica Portuguesa was listed as a ransomware victim associated with the threat actor vicesociety.

MCFT is a UK business that specializes in the maintenance, procurement, and servicing of commercial kitchen and refrigeration equipment. Its website describes global commercial kitchen equipment maintenance services and notes a UK head office in Maidenhead, Berkshire. The company says it supports foodservice operators with industry-focused IT solutions and equipment transparency. It was listed as a ransomware victim associated with LockBit3.

Mark-Taylor is a privately held real estate company based in Scottsdale, Arizona, focused on multifamily development, ownership, investment, and property management. It operates in the residential rental sector and is known for luxury apartment communities across Arizona and other U.S. markets. The company presents itself as a regional developer and manager of premier multifamily communities. It was listed as a ransomware victim associated with hive.

Expand Group is a Services-sector company based in the United States. Publicly available business context for the name is limited in the provided results, so this listing uses only the confirmed sector and country. It is indexed here for threat-intelligence reference under the Hive ransomware ecosystem. The company was listed as a ransomware victim associated with hive.

Petmate is a Texas-based pet products company headquartered in Arlington, Texas, with a history dating to 1959-1960. It manufactures and markets a broad range of pet supplies, including toys, bowls, collars, leashes, beds, feeders, and other accessories, serving retail partners in the pet care market. Public company materials describe it as a global leader and a leading supplier and manufacturer of pet products. It was listed as a ransomware victim associated with blackbasta.

Ban Leong Technologies Ltd is a Singapore-based technology products distributor in the IT sector. It is headquartered at Ubi Biz-Hub on Ubi Avenue 4 in Singapore and distributes IT accessories, multimedia, and data storage products across the region. The company has operated for more than three decades and is listed on the SGX Main Board. It was listed as a ransomware victim associated with mallox.

Batesville Products, Inc. is a US-based company headquartered in Lawrenceburg, Indiana, that operates as a full-service custom aluminum casting supplier. It produces permanent mold aluminum castings and offers services that include concept support and manufacturing for customer requirements. Public company profiles also describe in-house engineering and metal casting capabilities. In a threat-intelligence index, batesvilleproducts.com was listed as a ransomware victim associated with Karakurt.

pellastl.com is a U.S.-based website for Pella Windows & Doors of Greater St. Louis, a local window and door sales and installation business serving the residential building products market. The company promotes replacement and new-construction windows, patio doors, and entry doors for home improvement projects. Its offerings center on product selection, consultation, and installation support for customers in Missouri and the surrounding region. It was listed as a ransomware victim associated with blackbasta.

ITONCLOUD - LEAKED is a threat-intelligence index entry for an IT-sector organization in the United States, presented as a ransomware-victim listing. The name indicates a cloud-related IT business, but public sources in this dataset do not provide a verified corporate profile, product catalog, or service description. Ragnar Locker is a ransomware group known for encrypting systems and threatening data leaks, and its leak-site listings are used to publicize alleged victims. ITONCLOUD - LEAKED was listed as a ransomware victim associated with ragnarlocker.

VFS Global is a visa and passport administration outsourcing company that serves governments and diplomatic missions worldwide, headquartered in Dubai and Zurich with operations in the United States and beyond. The firm provides comprehensive visa application, passport processing, and related administrative services for diplomatic entities across multiple countries. It operates visa application centers in locations such as Washington, DC, Malawi, and Ethiopia, facilitating visa and residence cases for nations including Norway, Austria, and France. VFS Global is majority owned by Blackstone, the world's largest alternative asset manager, and serves a global clientele in the Other sector. The company was listed as a ransomware victim associated with the threat actor play.

Cetrogar is an Argentine retail company based in Resistencia, Chaco, with operations in Argentina. It sells technology products, household appliances, and motorcycles through a network of branches and online channels. Company profiles describe it as a retail-sector business founded in 1980 in Chaco. In the threat-intelligence index, Cetrogar was listed as a ransomware victim associated with play.

Modular Mining Systems is a Tucson, Arizona–based services company that develops and supports mine management technology for the global mining industry. Its offerings include software and systems for fleet management, operations, planning, maintenance, safety, and information management. Public company profiles describe it as a privately held provider of interoperable mining solutions and a subsidiary of Komatsu. It was listed as a ransomware victim associated with bianlian.

BRYCON Construction is a general contractor founded in 1990 in New Mexico, specializing in cleanroom, warehouse, and industrial building construction across the Southwest. The company operates from Rio Rancho and Albuquerque, offering self-perform teams focused on quality, safety, and reliability for advanced technology projects. BRYCON has grown to be one of the largest industrial contractors in the region, serving clients in construction and real estate sectors. The firm was listed as a ransomware victim associated with the threat actor bianlian.

*****a*** law is a U.S.-based firm serving the Finance, Legal, and Insurance sectors, with legal-insurance offerings that can connect individuals and families to attorney networks for advice, document review, and representation. In practice, legal-insurance programs help customers access qualified counsel through prepaid or group plans, often as a workplace benefit. The firm was listed as a ransomware victim associated with bianlian.

Veolus is a Mexico-based company with headquarters in México, Distrito Federal, and a listed industry in electric power generation. It describes itself as a 100% Mexican-owned firm that develops, implements, and manages integrated solutions for sustainable growth. Its services include energy generation, energy efficiency, sustainable facility design, and operation and maintenance for infrastructure across multiple sectors. Veolus was listed as a ransomware victim associated with LockBit3.

tdtu.edu.vn is the official website of Ton Duc Thang University, a public university in Vietnam. The university is based in Ho Chi Minh City and also operates campuses in Khanh Hoa and Lam Dong provinces. It offers undergraduate, graduate, and international programs across a broad range of disciplines, with some study paths taught in Vietnamese and English. The domain was listed as a ransomware victim associated with lockbit3.

Sentecgroup.com is the corporate website of Sentec Group, a Taiwan-based company established in 1968 that serves the automotive, electronics, and semiconductor sectors. The firm, headquartered in Taoyuan City, provides integrated manufacturing solutions including surface mount technology assembly and mechatronics foundry services for OEM partners. With operations spanning Taiwan, India, China, and Thailand, Sentec Group employs over 1,000 people and delivers specialized services to global clients in the motor vehicle parts and energy industries. The company was neutrally listed as a ransomware victim associated with the Lockbit3 threat actor in the threat-intelligence index.

RK Foodland operates in India’s Agriculture / Food sector as a supply-chain and logistics company for food brands, retailers, QSRs, and related industries. Its website describes cold-chain storage, dry warehousing, distribution, and integrated transport services across a pan-India network. The company presents itself as a technology-driven partner for food distribution and supply-chain management. rkfoodland.com was listed as a ransomware victim associated with lockbit3.

LUXE PRINTING CO., LTD. operates in Taiwan and is based in Taipei. Its company site says it has produced membrane switches, graphic overlays, and touch screens for Taiwan’s industrial field since 1976. The business is associated with the communication and marketing sector through its listed classification and commercial branding. The domain luxeprint.com.tw was listed as a ransomware victim associated with LockBit3.

TOKO CO., LTD. is an industrial machinery manufacturer based in Higashikagawa, Kagawa Prefecture, Japan, with a Tokyo office. The company designs, manufactures, and sells hydraulic cutter systems, vacuum-forming machines, forming machines, punching dies, and related industrial equipment. Its website presents TOKO as a long-established manufacturer serving production and forming applications across industrial use cases. The domain k-toko.com is listed as a ransomware victim associated with lockbit3.

Jieh.vn is the official website of Japan International Eye Hospital, a private ophthalmology hospital in Hanoi, Vietnam. The hospital, established in 2014 and invested in by Japan-based Paris Miki Holdings, provides eye examinations, treatment, and surgical services. Its published services include refractive surgery, cataract care, and other eye treatments for patients in the capital. It was listed as a ransomware victim associated with lockbit3.

financierareyes.com.mx appears to be a Mexico-based business or service site in the broad “Other” sector, rather than a public-sector or regulated financial institution. The domain name suggests a branded commercial presence in Mexico, but the available evidence does not clearly identify its exact offerings or corporate profile. In threat-intelligence indexing, it is cataloged as a Mexico (MX) entity tied to the wider business landscape. It was listed as a ransomware victim associated with lockbit3.

dof.ca.gov is the official website of the California Department of Finance, a US state government agency based in California. The department advises the Governor on fiscal policy and helps prepare, explain, and administer the state budget. Its public services include budgeting, accounting, forecasting, revenue analysis, and related finance guidance for state operations. The entity was listed as a ransomware victim associated with LockBit3.

Amazing Global de Venezuela is a strategic business consulting and services firm located in Caracas, Venezuela, offering digital invoicing solutions, JD Edwards ERP consulting, and advanced infrastructure technologies. As a premier business partner of IBM and Oracle, the company delivers integrated information technology services across software and hardware domains for critical mission platforms. The organization has over 45 years of experience in the Venezuelan market, specializing in hybrid cloud solutions and fiscal compliance optimization. Amazing Global de Venezuela was neutrally listed as a ransomware victim associated with the LockBit3 threat actor.

2networkit appears to operate in the Telecommunications sector and provides technology-related services, including IT consultation, remote access design and implementation, and web hosting. Publicly available business references also describe 2Networkit as a cloud computing and IT services company. Its profile suggests a communications-focused organization with offerings tied to network support and digital infrastructure. It was listed as a ransomware victim associated with Cuba.

Una Seguros is an insurance company headquartered in Lisbon, Portugal, specializing in coverage for motorcycles, cars, and other assets. The firm focuses on expanding its customer base and portfolio within the Portuguese insurance sector. It provides tailored insurance solutions to individuals and businesses seeking protection for their vehicles and property. Una Seguros was listed as a ransomware victim associated with the play threat actor. The company operates under the insurance sector with its main office located at Avenida De Berna 24 d, Lisbon.

Antwerpen is a Belgian city and major port hub in the Port of Antwerp-Bruges, a key center for industry and logistics in northern Europe. The port area is home to Europe’s largest integrated chemical cluster and supports energy, maritime, and industrial activity. Antwerp also serves as a base for environmental, business, and conference operations across the city and port region. In threat-intelligence records, Antwerpen was listed as a ransomware victim associated with play.

REC Silicon is a Norway-based silicon materials company that produces high-purity silicon products for the solar and electronics industries. It operates two U.S.-based manufacturing facilities and sales support offices, including a site in Moses Lake, Washington. The company describes itself as a provider of silane gas, polysilicon and related advanced silicon materials for energy and technology customers. It was listed as a ransomware victim associated with ransomexx.

Municipalidad de Belén is an autonomous territorial institution in Costa Rica that promotes integral and equitable development while administering public services. Located in Belén, it offers essential municipal offerings including service administration and community development programs. The entity operates within the Public Sector, serving residents with efficient and innovative service delivery. Municipalidad de Belén was neutrally listed as a ransomware victim associated with the threat actor Karakurt.

William A. Kibbe & Associates, Inc. is a professional design firm based in Saginaw, Michigan, with additional offices in Grand Rapids and Traverse City. The company provides architectural, engineering, surveying, energy conservation, and broader design services across disciplines. Its service portfolio includes civil, electrical, mechanical, structural, and BIM-related work for clients in the United States. It was listed as a ransomware victim associated with karakurt.

Infinitum is a Texas-based industrial technology company headquartered in Round Rock, United States. It develops air-core electric motor and fan technologies for commercial HVAC, industrial, and related applications, with a focus on efficiency and reduced energy use. The company was founded in 2016 and markets products for airflow and motor systems across industrial markets. It was listed as a ransomware victim associated with karakurt.

Hiersun Jewelry Co Ltd is a Beijing-based jewelry company in China, operating in the luxury goods and jewelry sector. Company profiles describe Hiersun as an established domestic diamond and jewelry business founded in 1999, with offerings that include jewelry products such as diamond and gold pieces. Its business presence is associated with retail and wholesale jewelry activity in the services sector. It was listed as a ransomware victim associated with karakurt.

Energy Transfer Durafin Tubes, formerly known as Energy Transfer, is a primary supplier of finned tubes, pipes, and heat exchanger parts located in Minerva, Ohio, within the Energy sector. The company provides heat transfer solutions to the HVAC industry that improve heating and cooling efficiency, prevent system failures and overheating, and ensure compliance with industry standards. Since 1984, it has served as a trusted OEM partner in manufacturing finned and enhanced tubes, with operations entirely based in the United States. In 2022, the company renamed itself Durafin Tube to reflect its corporate focus while continuing its legacy offerings. The entity was listed as a ransomware victim associated with the threat actor karakurt.

KINSHOFER GmbH is a German manufacturer based in Holzkirchen, Bavaria, with headquarters at Raiffeisenstraße 12. It offers attachments for loader cranes, hydraulic excavators, and related equipment, and its group serves construction, landscaping, demolition, recycling, scrap, material handling, foundation, and drilling markets. The company says administration, development, sales, and marketing are based at its Holzkirchen headquarters, with production in Waakirchen-Marienstein. It was listed as a ransomware victim associated with karakurt.

APSM Systems is a Phoenix, Arizona–based company that provides custom sheet metal fabrication and related manufacturing services, including prototyping, assembly, coating, and circuit board work. Public business profiles also describe it as a contract manufacturer serving industrial and technology-related needs in the Services sector. APSM is associated with operations in the United States and has been reported with a Phoenix address. It was listed as a ransomware victim associated with karakurt.

Latitude 37 is an Australia-based luxury home builder headquartered in Melbourne, Victoria. It designs and constructs bespoke residential homes, with a focus on custom projects and complex sites. The company presents itself as a one-stop provider for luxury home design and construction, serving clients across the Melbourne area. Latitude 37 was listed as a ransomware victim associated with karakurt.

South Jersey Glass & Doors is a New Jersey-based glass and glazing contractor founded in 1927, specializing in commercial and residential glass, windows, doors, and hardware sales and installation. The company operates multiple locations across South Jersey, including Vineland, Glassboro, Berlin, Marmora, and Wildwood, providing 24-hour emergency repair services for buildings. It offers a wide range of building solutions, including custom shower doors, aluminum framing, storefronts, and coastal glass solutions for shore properties. South Jersey Glass & Doors was listed as a ransomware victim associated with the threat actor karakurt.

APECQ, the Association patronale des entreprises en construction du Québec, is a bilingual, multisectoral association based in Montreal, Quebec, Canada. It represents and supports construction business leaders and offers services such as business start-up guidance, licensing support, and operational advice for the Quebec construction industry. The organization describes itself as a cross-sector hub for the province’s construction sector and a major business network. It was listed as a ransomware victim associated with karakurt.

Bergamo Metal is a Manufacturing and Engineering company located in Bergamo, Italy, specializing in metal fabrication and precision engineering solutions. The firm offers custom metalworking services, including laser cutting, stamping, and assembly for industrial clients. As part of the regional manufacturing sector, it supports OEMs and engineering projects with high-tolerance components. The company was listed as a ransomware victim associated with the threat actor karakurt, reflecting ongoing cybersecurity risks in the industry.

Metroclean is a Houston-based integrated facility management services provider that delivers commercial custodial, maintenance, and management services for education, healthcare, industrial/manufacturing, commercial, and government clients. The company says its headquarters are at 9000 Southwest Freeway, Suite 412, Houston, Texas, and it also lists operations in Austin and Nashville. Its website describes Metroclean as a full-service provider focused on quality work and customer peace of mind. It was listed as a ransomware victim associated with karakurt.

Davenport Community School District is a public school district in Davenport, Iowa, in the United States, serving students from preschool through high school. The district operates 32 schools, including elementary, intermediate, high school, preschool, and alternative education sites, and serves a large K-12 community. It is the third largest school district in Iowa and employs more than 2,000 education professionals. The district was listed as a ransomware victim associated with karakurt.

Qualified Staffing is a U.S.-based recruiting and staffing services company headquartered in Flint, Michigan, with offices across multiple states. Founded in 1988, it provides temporary work, direct placement, executive recruitment, outsourcing, and vendor on-site staffing services. The company serves employers and job seekers through workforce placement and related employment support. It was listed as a ransomware victim associated with karakurt.

Özel GözAkademi Hastanesi is a healthcare provider in Merkezefendi, Denizli, Turkey, serving patients from its clinic on 29 Ekim Bulvarı. Public listings describe it as a hospital focused on eye health, with ophthalmology care and related medical specialties. The hospital also promotes laser eye surgery and other vision treatments through its own channels. It was listed as a ransomware victim associated with karakurt.

Medilife Hastanesi is a private healthcare provider in Istanbul, Türkiye, with facilities in districts including Bağcılar and Beylikdüzü. Its services include hospital-based care, emergency treatment, intensive care, maternity and outpatient medical services. The network’s Bağcılar site opened in December 2014, and its listed contact details place the organization in Istanbul. Medilife Hastanesi was listed as a ransomware victim associated with karakurt.

ipb Baggenstos Montagen AG is an architectural and engineering company headquartered in Baar, Switzerland, specializing in installation and maintenance services for the electronics industry. The firm focuses on project, process, and service delivery, including the creation, upkeep, and financing of internal cable television and fiber-to-the-home distribution systems. It operates with fewer than 25 employees and serves commercial and residential construction sectors across Switzerland. The company was listed as a ransomware victim associated with the threat actor karakurt.

The Summit Corporation Limited is a privately held Bangladeshi energy and infrastructure group based in Dhaka. It operates across power generation and related industrial infrastructure, and its public profile notes major firsts in the country, including a tank terminal, container terminal, and independent power plant. The company presents itself as part of the private sector with a broad industrial footprint. The Summit was listed as a ransomware victim associated with karakurt.

Urban is an entity operating in the Other sector, with its primary location in the United States. While specific offerings are not publicly detailed, Urban functions within a broad corporate or organizational framework typical of entities in this classification. The group has been identified as a target of cyber-extortion activities. Urban was listed as a ransomware victim associated with the karakurt threat actor, which primarily targets smaller US-based companies and corporate subsidiaries.

San Benito Consolidated Independent School District is a public school district based in San Benito, Texas, in the United States. It serves students in PK-12 across multiple schools and provides district-wide education services, including administration, instruction, and student support. The district serves a large K-12 enrollment and operates as part of the public education system in its community. It was listed as a ransomware victim associated with karakurt.

Schrader-Pacific International, doing business as Schrader Pacific Advanced Valves, is a U.S. company based in Altavista, Virginia, with operations in France. It designs and manufactures specialty fluid-control and air-control valves for automotive and industrial applications, serving customers worldwide. The company presents itself as a long-running supplier of valve technology and related components. It was listed as a ransomware victim associated with karakurt.

Vercity is a UK-based public sector services company focused on asset management, transition support, and contract-expiry planning for government and defence clients. It says it manages infrastructure projects across military and civilian headquarters, strategic command facilities, and other public-sector environments. The company also provides tailored services for education and helps public bodies plan service delivery changes. Vercity was listed as a ransomware victim associated with karakurt.

Deerberg is a German lifestyle retail company based in Velgen near Lüneburg, Lower Saxony. It sells women’s apparel and related fashion items, including tops, trousers, jackets, shoes, bags, and accessories, through its retail and online channels. The company has operated since 1986 and serves customers from its headquarters in Germany. Deerberg was listed as a ransomware victim associated with karakurt.

Trantor is a technology services company founded in 2011 and headquartered in Menlo Park, California, with additional operations in India, Canada, and Costa Rica. Its services span web and mobile development, cloud, business intelligence, data, testing, and Salesforce consulting, serving clients through a dual-shore delivery model. Public company profiles also describe Trantor Software as developing tools that help lending companies automate loan origination, credit approval, collection, and renewal workflows. Trantor was listed as a ransomware victim associated with karakurt.

R1 Group is an ICT system integrator based in Rome, Italy, with 30 years of experience in the IT industry, offering project management and business process support services. The company operates as a network of specialized firms, including Eurome and Gway, delivering consulting, application world, and operational systems governance solutions. R1 Group was listed as a ransomware victim associated with the threat actor karakurt.

Club Asteria Belek is a hotel in Belek, Antalya, Turkey, set near the Mediterranean coast in the Üçkum Tepesi area. Travel listings describe it as a beachfront resort with its own beach area, spa facilities, and other guest amenities. The property is marketed as a large holiday complex serving leisure travelers in Turkey’s resort corridor. It was listed as a ransomware victim associated with karakurt.

Cheval Electronic Enclosure Co., Ltd. is a Thailand-based manufacturer specializing in the design and production of 19-inch enclosures and racks for data center infrastructure. Founded in 1987, the company operates its primary facility in Bangplee Industrial Estate, Samutprakarn, and has over 30 years of OEM/ODM experience in metal stamping and electronic enclosure solutions. It serves the global data center market with high-quality, configured racks assembled at its warehouse and logistic center. Cheval Electronic Enclosure was listed as a ransomware victim associated with the karakurt threat actor.

Cromwell Management Inc. is a Canadian real estate company headquartered in Montreal that owns, develops, and operates quality assets in major urban centers including Toronto, Montreal, and Quebec City. The company, founded in 1995, has diversified from multi-residential ownership into commercial, industrial, retail, and office properties across Canada. It is a private entity wholly owned by Georges Gantcheff, who has 25 years of experience in real estate investments. Cromwell Management Inc. was listed as a ransomware victim associated with the threat actor karakurt.

Ethigen Limited is a pharmaceutical wholesale company based in East Kilbride, Scotland, with a registered office at 10/16 Colvilles Place. It supplies generic medicines and other pharmacy products to retail pharmacies across the UK and Ireland. Company sources also describe it as a leading UK pharmaceutical distributor with a broad wholesale offering. Ethigen Limited was listed as a ransomware victim associated with karakurt.

Abdullah Al-Othaim Markets is a Saudi Arabia-based retail company headquartered in Riyadh. Its core business includes wholesale and retail sales through supermarkets, hypermarkets, and convenience stores, with a broader presence in e-commerce and consumer shopping services. The company operates in the retail and e-commerce sector and serves customers across the Kingdom of Saudi Arabia. It was listed as a ransomware victim associated with karakurt.

Legend Holdings is a China-based company primarily engaged in industrial operations, industrial incubations, and investments, with its headquarters located in Beijing. The firm operates as a diversified investment holding company, managing strategic and financial investments across sectors including IT and financial services. Its business model has evolved over more than three decades since starting in the IT industry, establishing an innovative approach to diversified holdings. Legend Holdings was listed as a ransomware victim associated with the threat actor karakurt.

PTSC, or PetroVietnam Technical Services Corporation, is a Vietnam-based energy services company within the Petrovietnam group. It provides diversified technical services for the petroleum and wider energy sectors, including oil and gas support and offshore renewable energy development. The company is headquartered in Ho Chi Minh City, Vietnam, and describes itself as a leading provider of technical services in Vietnam and the region. PTSC was listed as a ransomware victim associated with karakurt.

Regulatory Authority for Telecommunications and Posts (ARTP) is Senegal’s independent public regulator for the telecommunications and postal sectors, based in Dakar. It has legal personality and financial autonomy, and it issues regulatory decisions, drafts rules, and oversees licensing, equipment, and market competition in communications and posts. As a sector authority, it helps shape fair access and compliance across the telecom environment. It was listed as a ransomware victim associated with karakurt.

Roxboro Excavation Inc. is a construction company based in Dorval, Quebec, specializing in concrete work and earthmoving services. The firm offers site preparation, sewer and aqueduct work, paving, crushing, and asphalt services across Canada. It operates as a key partner in project management with a focus on high-quality machinery and growth strategy. Roxboro Excavation Inc. was listed as a ransomware victim associated with the threat actor karakurt.

Stratus is a U.S.-based business associated with the Other sector, with listed locations including Mentor, Ohio, and Rolling Meadows, Illinois. Public company profiles describe it as operating through multiple locations and serving customers as a commercial service provider. Its web presence and organizational details indicate a distributed U.S. footprint rather than a single-site operation. It was listed as a ransomware victim associated with Karakurt.

BauVal is a company in the Other sector; public sources used for threat-intelligence indexing do not provide enough verified detail here to identify its precise offerings or headquarters. Karakurt is a data-extortion threat actor known for stealing data and pressuring victims through public-release threats rather than routine file encryption. In catalog context, BauVal is recorded as an affected organization in this ransomware-victim listing. It was listed as a ransomware victim associated with karakurt.

Centrisys/CNP is a Wisconsin-based wastewater treatment equipment provider and manufacturer of decanter centrifuges for industrial and municipal applications. The company is headquartered in Kenosha, Wisconsin, and also operates locations in Stockton, California, and other countries. Its offerings include centrifuge systems, sludge thickening and dewatering equipment, and related service and maintenance. Centrisys CNP was listed as a ransomware victim associated with Karakurt.

Knox College is a private liberal arts college in Galesburg, Illinois, United States. It serves undergraduate students with a broad liberal arts curriculum and programs that include educational studies for future teaching licensure. The campus is city-based and the college describes itself as nationally ranked and devoted to personalized education. It was listed as a ransomware victim associated with Hive.

KO DA Pharmaceutical Co., Ltd., operating under koda.com.tw, is a Taiwanese pharmaceutical manufacturer established in 1980 that specializes in Chinese herbal extracts, health food supplements, and herbal materials. The company implements strict source management systems, assessing agricultural environments in China and enforcing formal contracts with farmers to ensure quality. Its products meet Taiwan national quality requirements for heavy metals, pesticide residuals, and sulfur dioxide, serving hospitals, dispensaries, and over 80% of domestic TCM medical centers. KO DA Pharmaceutical Co., Ltd. was listed as a ransomware victim associated with LockBit3.

Biotipo is a Brazilian jeans brand based in São Paulo, Brazil, with retail and wholesale-oriented operations focused on denim apparel. Its catalog highlights jeans for men, women, and plus size customers, and the company presents itself as a manufacturer and seller of clothing. Public contact and store information indicate locations in the Brás district of São Paulo. In threat-intelligence records, biotipo.com.br was listed as a ransomware victim associated with lockbit3.

oltax.com appears to be a United States-based online tax-preparation service that offers federal and state filing, with IRS-authorized e-file support and paid assistance options. Public materials for the related OLT brand describe secure online tax return preparation, e-filing, and support for taxpayers. In threat-intelligence indexing, the domain is categorized in the Other sector. It was listed as a ransomware victim associated with lockbit3.

Nexon Asia Pacific is an Australia-based digital consulting and managed services provider serving mid-market, enterprise, and government organisations across the country. It offers end-to-end IT services, including cloud, secure networks, unified communications, and managed security, from offices in Sydney and other Australian locations. The company operates in the Services sector and positions itself as a technology partner for improving productivity and continuity. It was listed as a ransomware victim associated with nokoyawa.

rhotelja.com is the website of R Hotel Kingston, a hospitality business in Kingston 10, Jamaica, at 2 Renfrew Road. The hotel presents itself as a leisure, business, and extended-stay property with 48 rooms and suites, plus dining and event services. Its offerings include accommodations, reservations, and Caribbean-fusion and international dining at District 5 Restaurant and a poolside sky lounge. The site and company materials place it in the hospitality sector serving travelers, business guests, and local diners. It was listed as a ransomware victim associated with lockbit3.

hawanasalalah.com is the website for Hawana Salalah, a tourism and hospitality destination in Dhofar, Oman, promoted as a large and fast-growing community with freehold homes and hotels. Public-facing materials show hotel reservations and hospitality services tied to the Hawana Salalah brand. The site also references a hospitality training center, indicating broader tourism development activity in the Salalah area. It was listed as a ransomware victim associated with lockbit3.

Maney | Gordon | Zeller, P.A. is an immigration law firm serving clients nationwide, with offices in Tampa, Florida, and Philadelphia, Pennsylvania. The firm describes more than 100 years of combined legal experience and offers legal help for visas, naturalization, and other immigration matters. Its public contact information also lists additional Florida locations in Tampa, Dade City, and Orlando. The firm was listed as a ransomware victim associated with blackbasta.

Atcore is a United Kingdom-based travel technology company that provides reservation, booking, e-commerce, and related software services for the leisure travel industry. It is headquartered in Slough, Berkshire, and its offerings are described as specialist products and services for travel operators and agencies. The company is positioned in the broader software sector, with a focus on travel infrastructure and service delivery. It was listed as a ransomware victim associated with blackbasta.

Dingbro Ltd is a family-owned Aberdeen-based UK company in the services sector, operating as a trade-only distributor of automotive components and related supplies. It serves the motor trade, truck and plant operators, offshore industry, oil service companies, marine engineers, and shipping customers across Scotland and nearby regions. Founded in 1973, Dingbro is described as Scotland’s largest independent motor factoring group. It was listed as a ransomware victim associated with blackbasta.

A.R. Thomson Group Inc. is a leading Canadian supplier of mechanical seals, gaskets, and instrumentation valves and fittings, operating 11 branches across the country. The company designs and manufactures industrial metallic and non-metallic gaskets, pump packing, and fluid containment products for diverse industries including oil and gas. Based in Surrey, British Columbia, it serves clients with high-quality sealing solutions and seal repair services backed by over 30 years of experience. A.R. Thomson Group was listed as a ransomware victim associated with the threat actor blackbasta.

Cleveland Brothers Equipment Co. is a Pennsylvania-based industrial machinery company headquartered in Murrysville, with branch locations across Pennsylvania, West Virginia, and Maryland. Founded in 1948, it serves construction, mining, forestry, and agricultural customers with Cat equipment sales, rentals, parts, service, and related support. Its regional network includes sales and service operations for equipment users across the Keystone and Panhandle states. It was listed as a ransomware victim associated with blackbasta.

AIRCOMECHANICAL is a mechanical contractor serving commercial and industrial customers in the energy-adjacent building services space. Public company listings describe Airco Mechanical, Inc. as a Sacramento, California firm focused on HVAC, plumbing, piping, and building control systems, while Airco Mechanical Services in Florida provides commercial HVAC and plumbing services. In Northern California, the company says it delivers cost-effective, energy-efficient mechanical systems for commercial and industrial facilities. It was listed as a ransomware victim associated with blackbasta.

Panolam Surface Systems is a Shelton, Connecticut-based manufacturer and supplier of integrated surface solutions for building and interior applications. The company says it has provided surface products for more than 70 years, including high-pressure laminates, thermally fused laminates, fiberglass reinforced laminates, and related specialty offerings. Its product line serves commercial and other building-materials use cases, and company profiles place it in the wholesale building materials and building products sector. It was listed as a ransomware victim associated with blackbasta.

SeaCast is a manufacturing company based in Marysville, Washington, in the United States. It specializes in high-precision investment castings and machined parts, serving aerospace, military, industrial, medical, transportation, and related sectors. The company also describes itself as an AS9100-certified manufacturer with deep experience in manufacturing engineering and investment-casting production. It was listed as a ransomware victim associated with blackbasta.

nworksllc is a Services-sector business in the United States; available public records do not clearly identify a single official company profile, offering, or headquarters for this exact name. In threat-intelligence listings, it appears as an indexed business entity rather than as a publicly documented brand with confirmed operational details. Its presence is noted in a ransomware-victim context associated with blackbasta. It was listed as a ransomware victim associated with blackbasta.

ChemiFlex is an industrial machinery manufacturer based in Lombard, Illinois, in the United States. The company says it designs, engineers, and manufactures polyurethane and silicone timing belts, serving sectors including medical, electronics, automotive, machinery, food and beverage, and pharmaceutical. Company profiles also describe it as a long-running supplier of custom and precision timing-belt solutions. ChemiFlex was listed as a ransomware victim associated with quantum.

Radical Sportscars, formerly Radical Sportscars, is a British racing and high-performance sports car manufacturer founded in 1997 by racing driver Mick Hyde and automotive engineer Phil Abbott in Cambridgeshire, England, now headquartered in Peterborough. The company produces purpose-built racing cars, delivering over 3,000 units since inception and manufacturing around 230 cars annually, ranking as the second largest volume producer of purpose-built racing cars globally, just behind Porsche. Radical offers single-marque race series, track day experiences, and road and race cars designed for high-speed performance on the track. The company was listed as a ransomware victim associated with the threat actor quantum.

Orotex is a mechanical and industrial engineering company based in Farmington Hills, Michigan, with operations tied to automotive manufacturing. Its website describes it as a global plastic injection manufacturer producing noise and anti-vibration control components for Tier-1 automotive customers. Public company profiles also link Orotex to parent-company operations in Japan and to a U.S. presence in Michigan. It was listed as a ransomware victim associated with quantum.

Acquarius Trust Group is a private client and corporate services firm based in Gibraltar. It provides trustee, company management, fiduciary, accounting, tax, payroll, and pension scheme administration services to private and corporate clients. The company is licensed and regulated by Gibraltar’s Financial Services Commission. It operates from Icom House on Irish Town in Gibraltar. It was listed as a ransomware victim associated with quantum.

Pilenpak is an Other-sector company in the country, and available public sources do not provide enough reliable detail here to confirm its exact offerings or operating profile. In threat-intelligence catalogs, it is identified by name as a corporate entity rather than a consumer brand, so the listing is best read as an organizational reference. Public reporting on Quantum describes a ransomware operation active in the early 2020s and associated with fast intrusion-to-encryption campaigns. Pilenpak was listed as a ransomware victim associated with quantum.

AHT Wisconsin Windows is a family-owned home improvement company based in Wisconsin that specializes in high-efficiency replacement windows and doors engineered for the state's extreme climate. The company serves residents across Clintonville, Appleton, Madison, and Green Bay, offering triple-pane, solid-core composite windows designed to resist warping, cracking, and energy loss. Its core offerings focus on energy-efficient solutions that help homeowners lower utility costs while maintaining comfort in harsh weather conditions. AHT Wisconsin Windows was listed as a ransomware victim associated with the threat actor quantum.

??????? is an organization in the Other sector with publicly available details not provided in the available sources. Play, also known as PlayCrypt, is a ransomware group that targets organizations worldwide through credential-based intrusions, data theft, and file encryption. It has affected victims across multiple industries and regions, including North America, South America, and Europe. ??????? was listed as a ransomware victim associated with Play.

Hilldrup is a family-owned American moving, storage, relocation, logistics, and workplace solutions company founded in 1903. It is headquartered in Stafford, Virginia, and operates multiple branch locations across the Mid-Atlantic and Southeast, serving residential, corporate, government, military, and employee mobility clients. The company describes itself as a long-established provider of moving and storage services with logistics support. It was listed as a ransomware victim associated with play.

New Partners Inc. is a New York City nonprofit organization in the Other sector, and Candid identifies it as a 501(c)(3) public charity. It is based in New York, New York. Public profile details confirm the entity name and location, but do not describe a commercial product line or service portfolio beyond its charitable status. In threat-intelligence records, New Partners was listed as a ransomware victim associated with vicesociety.

???? is an entity in the Other sector, and its specific public profile is not available from the provided sources. The listing indicates it operates in the country associated with the record, but no additional verified details about its offerings or business line are available here. Play is a ransomware group that targets organizations across many sectors with double-extortion attacks, stealing data and encrypting systems to pressure victims. ???? was listed as a ransomware victim associated with play.

Albina Asphalt is a construction-sector company based in Vancouver, Washington, with operations tied to Oregon and West Coast markets. It manufactures and distributes asphalt-related products, including road and paving materials, serving contractors and infrastructure customers. Company contact information lists its headquarters in Vancouver and identifies plant locations supporting its asphalt supply business. Albina Asphalt was listed as a ransomware victim associated with lorenz.

test is a company in the Other sector, but no reliable public source in the provided results identifies its location, offerings, or business profile with enough certainty to describe them accurately. Available reporting on Monti shows the group targeting organizations across legal, financial services, healthcare, and government sectors, with victims appearing on its leak site since 2022. Monti is a ransomware collective first identified in June 2022 after Conti's shutdown, and its activity has included Linux and VMware ESXi-focused variants. test was listed as a ransomware victim associated with monti.

Skoda Praha is a Czech company operating in the communication and marketing sector, with business activity centered in Prague, Czech Republic. Its work appears to focus on marketing communications, brand promotion, and related digital or campaign services for clients and partners. Public references indicate a Prague-based presence and an emphasis on communication and marketing offerings. It was listed as a ransomware victim associated with play.

MME Group is a services-sector contract manufacturer based in St. Paul, Minnesota. It provides full-service production support, including engineering, tooling, molding, assembly, and supply-chain management for regulated and consumer markets. Public company profiles also describe it as an injection molder and box-build manufacturer serving medical, government, and consumer products customers. It was listed as a ransomware victim associated with Play.

Highwater Ethanol, LLC is a fuel ethanol production facility located in Lamberton, Minnesota, operating within the energy sector as part of the oil and gas refining industry. The company produces and sells fuel ethanol along with co-products from the ethanol manufacturing process, utilizing third-party professional marketers for distribution. It is a 70 million gallon ethanol facility situated one mile west of Lamberton along US Highway 14. Highwater Ethanol was formed in May 2006 and reached actual production three years after its establishment. The company was listed as a ransomware victim associated with the play threat actor.

Wrota Mazowsza is the Mazovia region’s public spatial-information and e-services portal, operated from Warsaw by the regional geodesy and digitalization administration. It helps residents, businesses, offices, and investors access maps, land, buildings, roads, rail data, and other electronic public services. The portal is part of a wider regional GIS environment serving local government users across Mazovia. It was listed as a ransomware victim associated with play.

UJV Rez, a.s. is a Czech company based in Řež, near Prague, that provides engineering, research, and technical services for the energy, industry, and health sectors. It is known for applied research and development, with a long-standing focus on nuclear technology and support for power-plant safety and reliability. The company describes itself as one of the Czech Republic’s leading technology centers. It was listed as a ransomware victim associated with play.

????????? ???? ????? cannot be reliably identified from the available search results, which show only placeholder characters and no verifiable company profile. Based on the listing context, it is categorized in the Other sector, but no confirmed location, offerings, or public corporate details are available here. The entity was listed as a ransomware victim associated with play.

Feu Vert is a French automotive retail and service company founded in Lyon in 1972, known for car maintenance, repairs, and a wide range of auto products. It operates a network of more than 450 maintenance and repair centres across France, Spain, and Portugal, with headquarters in Boves, Hauts-de-France. The group serves motorists through workshops and retail offerings tied to vehicle upkeep and accessories. Feu Vert was listed as a ransomware victim associated with vicesociety.

g4s.com belongs to G4S, a British multinational private security company headquartered in London, England. The company provides integrated security services, including guarding, monitoring, and response solutions, and operates in more than 100 countries and territories. Its business spans physical security and related outsourced services for commercial and public-sector clients. The site was listed as a ransomware victim associated with LockBit3.

Amundson & Amundson is a New Zealand business communications company that provides professional answering services for clients in New Zealand and abroad. Its offerings include telephone, email, internet-based, and 24/7 message-handling support for businesses. The company describes a team of 40 trained telephone operators and positions its services around call answering and overflow support. It was listed as a ransomware victim associated with LockBit3.

myersontooth.com is the website of Myerson, a Chicago-based dental manufacturing company founded in 1917. It makes dental materials, denture teeth, and related equipment for removable prosthetics and digital dentistry. The company describes itself as a global manufacturer serving dental professionals and operating from its headquarters in Chicago, Illinois, with additional international locations. In threat-intelligence catalogs, myersontooth.com is listed as a ransomware victim associated with lockbit3.

PANOLAM Surface Systems is a Shelton, Connecticut-based manufacturer of integrated surface solutions in the wholesale building materials sector. The company offers decorative and specialty laminate products, including high-pressure laminates, thermally fused laminates, and fiberglass reinforced laminates, through North American manufacturing and distribution operations. Its portfolio includes Panolam, Nevamar, and Pionite brands used in commercial and architectural applications. PANOLAM was listed as a ransomware victim associated with blackbasta.

CIBTvisas is a travel and immigration services provider that expedites passports and visas for business and leisure travelers. It describes itself as a leading global provider of visa and immigration solutions, with operations across the Americas, Europe, the Middle East and Africa, and Asia Pacific. The company is headquartered in McLean, Virginia, United States. It was listed as a ransomware victim associated with play.

INTERSPORT France is a French sporting goods retailer based in Longjumeau, near Paris, and part of the wider INTERSPORT network. It distributes sports apparel, footwear, equipment, and related leisure products through a national retail and logistics footprint in France. Founded in 1924, the company serves consumers and sports clubs across the country. It was listed as a ransomware victim associated with hive.

Advanced Micro Devices, Inc. (AMD) is a U.S.-based semiconductor company headquartered in Santa Clara, California. It designs and sells microprocessors, graphics processors, chipsets, and related computing products for data center, client, gaming, and embedded markets. The company serves global customers across enterprise, consumer, and cloud computing environments. Advanced Micro Devices, Inc. was listed as a ransomware victim associated with ransomhouse.

Fairfax - Crum & Forster is part of Fairfax Financial Holdings Limited, a holding company focused on property and casualty insurance, reinsurance, and investment management. Crum & Forster is headquartered in Morristown, New Jersey, and operates as a national property, casualty, and accident & health insurer offering specialty insurance products. It is an established U.S. insurance brand within the Fairfax group. It was listed as a ransomware victim associated with ransomhouse.

Ipca Laboratories is an Indian pharmaceutical company based in Mumbai, Maharashtra, with operations in pharmaceuticals and active pharmaceutical ingredients. It develops and manufactures branded and generic medicines, bulk drugs, and formulations for domestic and export markets, supported by multiple manufacturing sites. Public company materials also note its own API manufacturing and a focus on generic formulations and emerging markets. It was listed as a ransomware victim associated with ransomhouse.