Ransomware victim disclosure
← All victimsCertified Tech Trainers (CTT)
listed as www.certifiedinfosec.com · Claimed by Apt73 · listed 2 years ago
Status timeline
- ListedDec 4, 2024
- Data leakeddate unknown
At a glance
- Group
- Apt73
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Dec 4, 2024
About the victim
AI dossier — public-source company profileCertified Tech Trainers (CTT), operating under the trade name Certified Information Security, is a U.S.-based provider of professional training and certification courses in cybersecurity, governance, compliance, risk management, and artificial intelligence. They offer instructor-led and e-learning courses aligned with standards such as NIST, ISO 27001, ISO 42001, and ISO 37301.
- Industry
- Professional Training & Certification Services
Attack summary
Severity: medium — Data has been published and the victim is a technology/training company; however, the leak post is truncated and does not specify the scope, sensitivity, or volume of exfiltrated data, nor does it detail customer PII or regulated information at scale.APT73 claims to have breached Certified Information Security and published exfiltrated data. The specific nature of the data compromised and operational details are not fully disclosed in the truncated leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Company registration documents
- Business operational records
What the group claims
Certified Information Security is a registered trade name for Certified Tech Trainers (CTT) (D-U-N-S# 010573009) (CAGE code: 3FKS0), a corporation ...
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

