Ransomware victim disclosure
← All victimsLeidos
Claimed by Trigona · listed 3 years ago
Status timeline
- ListedMay 25, 2023
- Data leakeddate unknown
At a glance
- Group
- Trigona
- Status
- Data leaked
- Country
- United States
- Sector
- Defense & Aerospace
- Listed on leak site
- May 25, 2023
About the victim
AI dossier — public-source company profileLeidos Holdings, Inc. is a major American defense, aviation, information technology, biomedical research, and engineering company headquartered in Reston, Virginia. The company provides technology solutions and services to the U.S. federal government, including defense, intelligence, homeland security, and health agencies, as well as commercial clients. With approximately 47,000 employees, Leidos is among the largest defense IT contractors in the United States.
- Industry
- Defense & Aerospace IT Services & Engineering
- Address
- 1750 Presidents St, Reston, VA 20190, United States
- Employees
- 47000
- Founded
- 1969
Attack summary
Severity: critical — Leidos is a major U.S. defense and intelligence contractor handling classified and sensitive government programs. Any confirmed data exfiltration from such an entity constitutes a critical severity event given the likely presence of regulated, sensitive, and potentially classified government and defense-related information at scale.The Trigona ransomware group claims an attack on Leidos and has listed the disclosure as data_published, indicating data has been exfiltrated and published. The leak post provides minimal detail beyond identifying the company; no ransom amount or specific data volume was stated.
Data the group says was taken
AI dossier — extracted from the leak post- Undisclosed exfiltrated company data
What the group claims
Leidos Holdings, Inc. is an American defense, aviation, information technology, biomedical research, and engineering company.
Sources
- Victim siteleidos.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

