[ For GroupLink (TOR), you need to change BAWANG with ONION, example: https://tegbmnhkbpqz637f2yd.bawang >> https://tegbmnhkbpqz637f2yd.onion ]
| Country | Discovered | Published | Group Name | Victim | Source | Description |
|---|---|---|---|---|---|---|
| US | 2025-04-10 | 2025-04-07 | HELLCAT Google | Research | POTOMAC FINANCIAL SERVICES About Victim | We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning. | |
| 2025-04-07 | 2025-04-07 | HELLCAT Google | Research | P**O*** About Victim | We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning. | ||
| CN | 2025-04-07 | 2025-04-07 | HELLCAT Google | Research | CVTE About Victim | We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships. | |
| US | 2025-04-05 | 2025-03-18 | HELLCAT Google | Research | HIGHWIRE PRESS About Victim | Jiraware <<3 !! We hold sensitive data from HighWire Press, a leading platform serving scholarly publishers. The data includes internal documents, communications, and materials that could impact both HighWire and its publishing partners. | |
| US | 2025-04-05 | 2025-04-05 | HELLCAT Google | Research | RACAMI About Victim | Jiraware <<3 !! We have breached Racami’s internal systems. The data in our possession poses a serious threat to their business continuity, reputation, and client trust. | |
| PL | 2025-04-05 | 2025-04-05 | HELLCAT Google | Research | ASSECO About Victim | Jiraware <<3 !! We have breached Asseco’s internal systems, stealing sensitive files, communications, financial records, and source material | |
| SE | 2025-04-05 | 2025-04-05 | HELLCAT Google | Research | LEOVEGAS AB About Victim | We have compromised the internal systems of LeoVegas AB. The data in our possession threatens their operations, regulatory compliance, and customer trust. | |
| CN | 2025-03-29 | 2025-03-29 | HELLCAT Google | Research | TRANSSION HOLDINGS About Victim | We hold almost 70GB of sensitive data from Transsion, a leading mobile device provider with $8.6B in revenue. This includes emails, internal communications, source codes, project planning, and data from Transsion and its partners. | |
| ES | 2025-03-25 | 2025-03-24 | HELLCAT Google | Research | GRUPO SANTILLANA About Victim | We hold sensitive files from Santillana, the largest business unit of Spain’s publicly traded Prisa media group. The company must act quickly to prevent the exposure of this data. | |
| US | 2025-03-25 | 2025-03-24 | HELLCAT Google | Research | OMNITRACS About Victim | We hold sensitive files from Omnitracs, a leading provider of fleet management and logistics solutions. The company must act swiftly to prevent the exposure of this data. | |
| US | 2025-03-17 | 2025-03-17 | HELLCAT Google | Research | ELECTRONICS FOR IMAGING About Victim | We hold 19GB of sensitive files from Electronics For Imaging, Inc., including critical corporate data that could jeopardize the company's operations, client relationships, and reputation if released publicly. | |
| CH | 2025-03-16 | 2025-03-15 | HELLCAT Google | Research | ASCOM HOLDING AG About Victim | 44GB of sensitive data including internal reports, sales documents, confidential contracts, development tools, and source code stolen from Ascom. | |
| DE | 2025-02-28 | 2025-02-25 | HELLCAT Google | Research | ONEDEALER About Victim | We have obtained over 330,000 records from OneDealer partners, including sales reports, leads, customer data, and vehicle details with VINs and license plates. Affected companies include AutoHellas, AutoBesikos, KosmoCar, AWT, Karenta AE, QA, Proaxia, Hyundai, BMW, Audi, Kia, | |
| TR | 2024-12-26 | 2024-12-26 | HELLCAT Google | Research | CAR CARE PLAN - TURKEY About Victim | We have successfully stolen over50 GBof data from Car Care Plan, including financial records with sensitive information, legal documents and statements, customer records, along with internal documents and records. All the data has been encrypted, and without our decryption key, it is almost impossible to decrypt.To ensure the return of this data, we are demanding a ransom of0.5 BTC. The deadline for this payment is fast approaching. Once the payment is received, the decryption key will be provided, and the data will be returned without delay. It is up to Car Care Plan to act accordingly. | |
| ID | 2024-12-25 | 2024-12-25 | HELLCAT Google | Research | SISTEM INFORMASI PENGELOLAAN KEUANGAN DAERAH (SIPKD) About Victim | We have successfully stolen82 GBof data, including backups, from the e-Finance system of Blora Regency, known as theSistem Informasi Pengelolaan Keuangan Daerah (SIPKD). The data spans from 2018 to the present and remains in our possession. To ensure its safe return, we are demanding1.5 BTC. The deadline for this payment is fast approaching. Once the payment is received, the data will be returned without further delay. The terms are clear, and it is up to Blora Regency's authorities to act accordingly. | |
| US | 2024-12-25 | 2024-12-25 | HELLCAT Google | Research | PINGER - USA About Victim | We have successfully breached Pinger, obtaining 111 GB of sensitive data. This includes over 9 million user records, private messages, voice messages, internal tools such as phone number lookup and notification sender, backend systems, and source codes. Since the ransom was not paid, all the data has been publicly released. | |
| TZ | 2024-11-04 | 2024-11-04 | HELLCAT Google | Research | COLLEGE OF BUSINESS - TANZANIA About Victim | We have released over 500,000 records from Tanzania’s College of Business Education, containing student names, phone numbers, emails, and additional data, including possible billing information. | |
| JO | 2024-11-04 | 2024-11-04 | HELLCAT Google | Research | MINISTRY OF EDUCATION - JORDAN About Victim | We have successfully accessed and compromised a range of sensitive documents from Jordan's Ministry of Education. This includes images of identification cards, divorce papers, and various letters addressed to the Minister. | |
| FR | 2024-11-04 | 2024-11-04 | HELLCAT Google | Research | SCHNEIDER ELECTRIC - FRANCE About Victim | [IA generated] Schneider Electric, based in France, is a global leader in energy management and automation. The company focuses on digital transformation by integrating world-leading process and energy technologies. It provides solutions for homes, buildings, data centers, infrastructure, and industries, enhancing efficiency and sustainability. Schneider Electric emphasizes innovation and sustainability in its offerings. | |
| IL | 2024-10-25 | 2024-10-25 | HELLCAT Google | Research | THE KNESSET - ISRAEL About Victim | We have successfully compromised the Knesset's secure networks and extracted 64GB of sensitive data. This includes internal communications and confidential documents. |