Ransomware victim disclosure
← All victimsHanseata
Claimed by Thegentlemen · listed 6 hours ago
Status timeline
- ListedJul 16, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- Germany
- Sector
- Financial Services
- Listed on leak site
- Jul 16, 2026
About the victim
AI dossier — public-source company profileHanseata Flachglas is a German glass wholesaler based near Hamburg, operating since 1953. They specialize in supplying high-quality glass solutions including vacuum glass, flat glass, insulating glass, and specialty glazing to commercial clients, architects, and construction firms worldwide. The company serves craftspeople, builders, and planners with extensive stock capacity and technical consulting.
- Industry
- Glass Wholesale & Distribution
- Address
- Hamburg, Germany
- Founded
- 1953
Attack summary
Severity: medium — Data has been published and exfiltration is claimed, but no specific sensitive data types (PII, financial records, trade secrets) are detailed in the available post excerpt. No proof files are quantified. The victim is a B2B wholesaler rather than a custodian of regulated personal data at scale.The ransomware group claims to have compromised Hanseata's systems and exfiltrated data. No specific operational details are provided in the leak post excerpt, and no ransom demand is stated.
Data the group says was taken
AI dossier — extracted from the leak post- Company records
- Business data
What the group claims
***.de traditional German flat glass wholesaler based near Hamburg, operating since 1953. The company specializes in supplying high-quality glass solutions, including vacuum glass, flat glass, and insulating glass, to commercial clients, architects, and construction firms worldwide. They are particularly known for their extensive stock capacity, specialized consulting for energy-efficient vacuum glazing, and comprehensive global logistics services
Sources
- Victim sitehanseata.de
Source
Indexed 6 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

