Ransomware victim disclosure
← All victimsChoice AG
Claimed by Crypto24 · listed 1 year ago
Status timeline
- ListedMay 29, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileChoice AG is a German-based mobility service provider founded in 2002 that specializes in fleet management, vehicle leasing, and purchasing solutions. The company offers two main service lines: Mobility Partnership Buy (vehicle procurement with favorable terms) and Mobility Partnership Rent (flexible leasing options). They serve businesses of varying sizes across Europe.
- Industry
- Fleet Management & Vehicle Leasing Services
- Founded
- 2002
Attack summary
Severity: medium — Disclosure marked as 'data_published' with no ransom demand, but the truncated leak post provides no concrete evidence of data exfiltration, proof files, or operational impact details. Classification defaults to medium pending full post review.The crypto24 group claims to have attacked Choice AG. No specific details are provided about the nature of the attack (encryption, exfiltration, or both) or the types of data compromised in the truncated leak post.
Original description
AI-summarised, not from the leak post"Choice AG" is a Switzerland-based company that specializes in providing solutions for investment and risk management. It offers software as well as asset management services that cater towards institutional and private investors alike. Their solutions are geared to help clients manage risk while optimizing investment returns. Services range from portfolio management to risk analysis, covering various types of assets from bonds to real estate.
Sources
- Victim sitewww.choice.de
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

