Ransomware victim disclosure
← All victimsThe Travel Network Group
Claimed by Donutleaks · listed 3 years ago
Status timeline
- ListedJul 9, 2023
- Data leakeddate unknown
At a glance
- Group
- Donutleaks
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Telecommunications
- Listed on leak site
- Jul 9, 2023
- Data size
- 1500 GB
About the victim
AI dossier — public-source company profileThe Travel Network Group is described as the largest network of independent travel businesses in Europe, operating in the independent travel market. It serves as a membership or consortium organisation supporting independent travel agents and related commercial businesses. The company is headquartered in the United Kingdom.
- Industry
- Independent Travel Agency Network
Attack summary
Severity: critical — 1,500 GB of exfiltrated data includes PII at scale (membership personal details, addresses, contacts) alongside financial records, affecting a large European network of independent travel businesses; data has been published (disclosed status: data_published).Donutleaks claims to have exfiltrated over 1,500 GB of sensitive data from the company's file servers, including financial records and membership personal data; no encryption claim is explicitly stated.
Data the group says was taken
AI dossier — extracted from the leak post- Financial data (budgets, payments, taxes)
- Membership personal details
- Member addresses
- Member contact information
What the group claims
The Travel Network Group is the largest in Europe network of commercial businesses that operate in the independent travel market. This network has been hacked and over 1500GB of sensitive data were stolen from company's file servers, including: financial data (budgets, payments, taxes, etc)membership's data (personal details, address, contacts,…
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

