Ransomware victim disclosure
← All victimsTOTVS
Claimed by Blackbyte · listed 2 years ago
Status timeline
- ListedSep 30, 2024
- Data leakeddate unknown
At a glance
- Group
- Blackbyte
- Status
- Data leaked
- Country
- Brazil
- Sector
- Technology
- Listed on leak site
- Sep 30, 2024
About the victim
AI dossier — public-source company profileTOTVS is a prominent Brazilian software company founded in 1983 specializing in enterprise resource planning (ERP) solutions for small and medium-sized businesses. The company offers a comprehensive suite of products covering accounting, supply chain management, and operations across manufacturing, retail, and healthcare sectors, positioning itself as a leader in digital transformation in the Latin American market.
- Industry
- Enterprise Resource Planning (ERP) Software
- Founded
- 1983
Attack summary
Severity: high — TOTVS is a major ERP software vendor serving thousands of organizations across multiple sectors (manufacturing, retail, healthcare). A successful breach of such a company likely exposes customer data, intellectual property, and potentially customer information at significant scale, even without explicit proof counts provided.Blackbyte claims to have compromised TOTVS and published exfiltrated data. The post does not explicitly detail what data was taken or the scope of the breach.
What the group claims
TOTVS is a prominent Brazilian software company specializing in enterprise resource planning (ERP) solutions. Founded in 1983, it caters primarily to small and medium-sized businesses across various industries, including manufacturing, retail, and healthcare. TOTVS offers a comprehensive suite of software products that help organizations manage their operations efficiently, from accounting to supply chain management. Known for its innovation and leadership in the Latin American market, TOTVS is committed to driving digital transformation and improving business productivity.
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

