Ransomware victim disclosure
← All victimsInitiative Var
Claimed by Sarcoma · listed 1 year ago
Status timeline
- ListedMar 26, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileInitiative Var is a member of the Initiative France network, a national non-profit focused on supporting and financing entrepreneurs creating or taking over businesses in the Var department. The organization operates with 17 permanent staff and provided accompaniment and financing to 438 businesses in 2024, contributing to the creation or maintenance of 1,158 jobs.
- Industry
- Non-profit Membership Organization / Business Development & Financing
- Address
- Toulon, Provence-Alpes-Côte d'Azur, France
- Employees
- 17
Attack summary
Severity: medium — 80 GB of data exfiltrated from a non-profit organization handling sensitive business and entrepreneurial information (loan applications, personal financial data of entrepreneurs, organizational records). While the organization itself is non-profit, the data likely includes personally identifiable information and financial details of entrepreneurs and potentially bank partners. No confirmation of specific sensitive data categories (PII, medical, government) is stated, placing it at medium ratherThe Sarcoma group claims to have exfiltrated 80 GB of data from Initiative Var. The post indicates data publication but does not specify the nature or sensitivity of the exfiltrated files beyond volume.
Data the group says was taken
AI dossier — extracted from the leak post- Operational files
- Business records
- Organizational data
What the group claims
Initiative Var Initiative Var is a company that operates in the Membership Organizations industry. It employs 5to9 people and has 500Kto1M of revenue. The company is headquartered in Toulon, Provence-Alpes-Cote d'Azur, FranceGeo: France - Leak size: 80 GB Archive - Contains: Files
Sources
- Victim siteinitiative-var.fr
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

