Ransomware victim disclosure
← All victimsThe Salarpuria Sattva Group
Claimed by Sinobi · listed 7 months ago
Status timeline
- ListedDec 18, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileThe Salarpuria Sattva Group is a commercial and residential real estate development and consultancy firm founded in 1986 and headquartered in Bangalore, India. The group specialises in development of new and existing residential and commercial properties across India. It is one of the larger real estate conglomerates in India with a significant portfolio of completed and ongoing projects.
- Industry
- Real Estate Development & Property Consultancy
- Address
- Bangalore, India
- Founded
- 1986
Attack summary
Severity: high — Data has been published (confirmed exfiltration and release), involving a large real estate conglomerate which likely holds significant volumes of business-sensitive data, client PII, and financial records. No ransom amount or data size was specified, but the published status elevates severity.The Sinobi ransomware group claims to have published data belonging to The Salarpuria Sattva Group, with the disclosure status marked as data_published, indicating exfiltration and release of company data rather than encryption-only.
Data the group says was taken
AI dossier — extracted from the leak post- Company documents
- Real estate project data
- Potentially employee or client records
What the group claims
Founded in 1986, The Salarpuria Sattva Group is a commercial and residential Property development Consultancy specializing in real estate development of new and used homes. The Salarpuria Sattva Group is located in India.
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

