Ransomware victim disclosure
← All victimsKaneko
Claimed by Thegentlemen · listed 6 hours ago
Status timeline
- ListedJul 16, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- Japan
- Listed on leak site
- Jul 16, 2026
About the victim
AI dossier — public-source company profileKaneko is a Japanese software company based in Itoigawa, Niigata, specializing in construction project management solutions. Over three decades, they have developed the CDPM series, a recognized software for creating and managing complex construction schedules, and recently launched the CDPM-X64 platform with JSON support and advanced analytics.
- Industry
- Construction Software & Project Management
- Address
- Itoigawa, Niigata, Japan
Attack summary
Severity: medium — Data has been published (disclosed_status confirms 'data_published'), indicating confirmed exfiltration, but the leak post provides no inventory of sensitive data types, no proof count, and no evidence of PII, financial records, or regulated data at scale. Medium severity reflects confirmed data exposure without clarity on sensitivity or volume.The thegentlemen group claims to have compromised Kaneko and published data from the breach. The post does not specify whether data was exfiltrated, encrypted, or both, nor does it detail the scope or nature of exposed data.
What the group claims
***.co.jp zoominfo.com/c/kaneko/540044079 Japanese software company based in Itoigawa, Niigata, specializing in construction project management solutions. For over three decades, the company has developed the CDPM series, a widely recognized software for creating and managing complex construction schedules. Recently, the company has been actively driving digital transformation in the construction industry through its advanced CDPM-X64 platform, which introduces innovative features like native JSON support and comprehensive schedule analysis tools
Sources
- Victim sitekaneko-corp.co.jp
Source
Indexed 6 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

