Threeam is a ransomware operator no longer publishing new disclosures. Darkfield has indexed 85 public victims claimed by this operator between September 14, 2023 and June 12, 2026. Threeam is a financially motivated ransomware group that emerged in September 2023, operating as a relatively new player in the ransomware ecosystem with 64 documented victims across multiple countries and sectors. The group's origin and potential affiliations remain unclear due to limited public documentation from major security agencies, though their targeting patterns suggest a broad opportunistic approach rather than nation-state backing. Based on available victim data, Threeam appears to employ common initial access vectors targeting organizations across business services, healthcare, manufacturing, and technology sectors, with the United States, United Kingdom, Australia, France, and Brazil representing their primary geographic focus areas. While specific technical details about their encryption methods and extortion tactics have not been extensively documented by major threat intelligence firms, their emergence in late 2023 and victim count suggests they have established operational capabilities within the competitive ransomware landscape. The group's current operational status remains active based on the recency of their emergence, though detailed law enforcement actions or disruption efforts have not been publicly reported by CISA, FBI, or other major security organizations.

Recent disclosures by Threeam

Most recent 30 of 85 indexed disclosures. Click any row for the full per-victim dossier.

• kkp.lawBusiness Services · United States · May 25, 2025
• iss-na.comBusiness Services · United States · May 25, 2025
• icgad.comNot Found · United States · May 25, 2025
• dbhcares.comHealthcare · United States · May 25, 2025
• icmtx.comTechnology · United States · May 25, 2025
• jastreet.comNot Found · United States · May 25, 2025
• neffendorfblockercpa.comFinancial Services · United States · May 25, 2025
• gosvt.comEntertainment · United States · May 25, 2025
• vazirilaw.comBusiness Services · United States · May 25, 2025
• leonardo.comTechnology · Italy · February 13, 2025
• sehma.comNot Found · Germany · February 11, 2025
• corehandf.comConsumer Services · United States · February 5, 2025
• soitinlaine.fiNot Found · Finland · January 30, 2025
• anwsd.orgNot Found · United States · January 15, 2025
• hapsch.deNot Found · Germany · January 9, 2025
• kuritaamerica.comManufacturing · Japan · December 17, 2024
• hobokennj.govGovernment · United States · December 4, 2024
• midstatesindustrial.comManufacturing · United States · November 13, 2024
• anuenterprise.com.auBusiness Services · Australia · October 31, 2024
• inhometexas.comHealthcare · United States · October 31, 2024
• caillau.com.brManufacturing · Brazil · October 31, 2024
• sandray.comNot Found · United States · October 31, 2024
• mpspromotions.comBusiness Services · Australia · October 31, 2024
• freedomhomecare.netHealthcare · United States · October 31, 2024
• carolinaarthritis.comHealthcare · United States · October 24, 2024
• oklahomasleepinstitute.comHealthcare · United States · October 10, 2024
• verco.co.ukManufacturing · United Kingdom · September 30, 2024
• carlile-group.comTransportation/Logistics · United Kingdom · September 30, 2024
• sacredheart.southwark.sch.ukEducation · United Kingdom · September 30, 2024
• mctas.org.auHealthcare · Australia · September 30, 2024

See every disclosure indexed for Threeam →