Ransomware victim disclosure
← All victimsEko-Flor Plus d.o.o.
Claimed by Deadlock · listed 5 days ago
Status timeline
- ListedJul 10, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileEko-Flor Plus d.o.o. is the largest private waste management company in Croatia, headquartered in Oroslavje. Founded in 2001, it collects, sorts, and processes municipal and non-hazardous waste across 49 local administrative units, serving approximately 65,000 households and 3,000 legal entities. The company operates modern facilities for waste separation, recycling, and archive destruction across 11 Croatian counties.
- Industry
- Waste Management & Recycling
- Address
- Oroslavje, Croatia (headquarters); also operates in Zagreb and Zaprešić
- Founded
- 2001
Attack summary
Severity: medium — Data published status indicates confirmed exfiltration, but no specific data types, proof files, or scale are detailed in the post. The company handles waste management (not inherently sensitive), but customer database of 65,000 households and 3,000 businesses could include PII. Absence of proof screenshots or file inventory limits confidence in impact scope.The Deadlock group claims to have breached Eko-Flor Plus d.o.o. and exfiltrated data. The leak post does not specify which data types were stolen or whether encryption also occurred.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer data
- Operational documents
What the group claims
Eko-Flor Plus d.o.o. is the largest private waste management company in Croatia. Headquartered in Oroslavje, the company specializes in collecting, sorting, and processing municipal and non-hazardous waste.
Sources
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

