Ransomware victim disclosure
← All victimsCE RATP Comité d'Entreprise RATP
listed as Ce Ratp Comite D entreprise Ratp · Claimed by Thegentlemen · listed 8 days ago
Status timeline
- ListedJul 7, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- France
- Sector
- Transportation/Logistics
- Listed on leak site
- Jul 7, 2026
About the victim
AI dossier — public-source company profileCE RATP is the Works Council (employee benefits organization) of RATP, the Paris public transport operator. Based in Fontenay-sous-Bois, it operates a digital platform exclusively for RATP employees and beneficiaries to manage social and cultural activities, vacation bookings, summer camp registration, and access to leisure events.
- Industry
- Transportation/Employee Services
- Address
- Fontenay-sous-Bois, France
Attack summary
Severity: medium — Platform serves employee PII and benefits data at scale (all RATP workers + beneficiaries); however, no proof files or screenshots are referenced in the post, and no operational impact to RATP's critical transport services is claimed. Data exposure is significant but not confirmed as exfiltrated.The threat actor claims to have compromised the CE RATP digital platform. The group indicates data exfiltration but provides no specific details about data types or operational impact in the truncated post.
Data the group says was taken
AI dossier — extracted from the leak post- Employee personal information
- Beneficiary records
- Vacation booking data
- Summer camp registrations
- Leisure activity enrollment records
- Corporate benefit records
What the group claims
***.fr zoominfo.com/c/ce-ratp-comité-dentreprise-ratp/1315531566 digital platform of the RATP Works Council, dedicated exclusively to employees of the Paris public transport operator and their beneficiaries.It provides comprehensive services for social and cultural activities, allowing members to book vacations, register for summer camps, and access exclusive leisure events.Based in Fontenay-sous-Bois, the platform serves as a central hub for managing employee benefits and corporate perks
Sources
- Victim siteceratp.fr
Source
Indexed 8 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

