Home All Victims Petrobras / SAExploration

Petrobras / SAExploration

everest

This record tracks a ransomware attack claimed by the everest group against Petrobras / SAExploration. It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.

Window Zero

EXPOSURE GAP

Window Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.

212days open
t1 · Published t2 · Pending
Nov 17, 2025Not disclosed yet
Country
Brazil
Business Category
Energy
Employees
+1000
Discovered
2025-11-17
Published
November 17, 2025
Disclosed / Notified
Not disclosed yet
Victim ID
E9WKv1Y9rlZb

Attack Summary

[AI generated] Petrobras is a state-owned Brazilian multinational corporation involved in the oil, gas, and energy industry. The company specializes in exploration, production, and distribution of oil, gas, and derivative products. SAExploration is an American energy company that provides seismic data acquisition services for the oil and gas industry. They specialize in deep water ocean bottom projects and challenging land operations.

Leak Screenshots

SAMPLE

Proof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.

file_tree.png
finance_2024.xlsx
passport_scan.jpg
contract_signed.pdf
Sign in or explore HaveIBeenRansom to view the full leak gallery.
View leak gallery →

Dark Web Exposure

Findings for petrobras.com.br — indexed by HaveIBeenRansom.
4,018
found in Infostealer logs
2,902+
found in Traditional breaches
98+
found in Ransomware leaks
pureincubation-com.7z.001
Database World ROC · breach
••• emails
TAPAir_BF.7z
B F R e p o V 3 F i l e s · breach
••• emails
@BreachedData1 LinkedIn 2021-23 Cleaned.7z.001
Database World ROC · breach
••• emails
Apollo.io DB 816millions.rar
Database World ROC · breach
••• emails
AntiPublic_BF.7z
B F R e p o V 3 F i l e s · breach
••• emails
vivo_leak.rar
Anonymous Russia БД · breach
••• emails
Televerde
play · ransomware
••• emails
VerificationsIO_BF.7z.011
Kedr | Forum 🪾 · breach
••• emails
+ 17 more leak sources locked
Leak volumes are locked
Sign in to reveal how many records each source exposed and the remaining 20 sources.
Sign in to unlock Dig deeper on HaveIBeenRansom →
Want the complete picture — passwords, machines, full leak files? It's all searchable on HaveIBeenRansom.
Search this victim →
Visit Website Original Post View Group: everest

Related entries

Asopagos S.A. ЕРМ Spedition Kern Advanced Psychiatry Associates Sidra Kuwait Hospital VVO Finance
Legal Disclaimer: This ransomware victim record reflects information published on the operator's leak site. Breach.house does not acquire, download, host, access or redistribute unlawfully obtained data. It indexes only publicly visible information posted by ransomware, breach and infostealer operators and open web sources, without accessing the underlying stolen content. The service supports public awareness, legitimate research and cyber-resilience.