E-Control Systems
May 18, 2026
•[ ransomware, data-extortion, IoT ]
The Gentlemen ransomware group publicly claimed responsibility for a data-extortion attack against E-Control Systems, a California-based IoT-powered wireless temperature-monitoring technology company, on May 18, 2026 and threatened to publish sensitive data unless negotiations began. Public reporting did not confirm encryption, deletion, operational disruption, or the specific data volume.
Liberty Mutual Insurance
April 30, 2026
•[ data-extortion, data leak, personal information ]
Everest Group claimed responsibility for a data-extortion attack against Liberty Mutual Insurance on April 30, 2026 and began leaking what it claimed was more than 108 GB of stolen data, including policyholder personal, financial, and insurance information. Public reporting did not confirm encryption, deletion, or operational disruption.
Florida East Coast Railway
April 30, 2026
•[ data-extortion, data leak, PII ]
PayoutsKing claimed responsibility for a data-extortion attack against Florida East Coast Railway on April 30, 2026 and threatened to leak sensitive data unless negotiations were initiated. DataBreach.com later indexed 16,668 rows associated with the breach, including names, email addresses, and phone numbers. Public sources did not confirm successful encryption or operational disruption.
i.e.Smart Systems
April 23, 2026
•[ ransomware, data-extortion, data leak ]
The Gentlemen ransomware group publicly claimed responsibility for a data-extortion attack against i.e.Smart Systems, a Houston-area technology integrator, on April 23, 2026 and threatened to leak sensitive data if the company did not engage in negotiations. Public reporting did not confirm encryption, deletion, operational disruption, or the specific data volume.
Gastroenterology & Hepatology of CNY
April 14, 2026
•[ ransomware, data-extortion, healthcare ]
Exitium claimed responsibility for a ransomware and data-extortion attack against Gastroenterology & Hepatology of CNY on April 14, 2026, claiming it had encrypted systems and threatened to sell patient records if its demands were not met. DataBreach.com later indexed 196,959 rows associated with the leak, while other public reporting described Exitium's claim as involving approximately 167,303 patient records.
Fundação Getúlio Vargas
February 19, 2026
•[ ransomware, data-extortion, data leak ]
TecMundo reported that ransomware/data-extortion group Dragonforce listed Fundao Getulio Vargas (FGV) as a purported victim and claimed a compromise of 1.52 TB of data, posting images of documents as proof and setting a countdown (typical extortion deadline) for publication if ransom is not paid. TecMundo said it reviewed sample documents that appeared to include internship registration forms, personnel/event records, and project proposals. FGV responded that it had experienced service/provider instability that was resolved and that it had no confirmation of system intrusion or data exfiltration, stating that anonymous dark web postings were not proof.
