Ransomware victim disclosure
← All victimsGrupo PyD
Claimed by Gunra · listed 3 months ago
Status timeline
- ListedApr 8, 2026
- Data leakeddate unknown
At a glance
- Group
- Gunra
- Status
- Data leaked
- Country
- Argentina
- Sector
- Construction
- Listed on leak site
- Apr 8, 2026
About the victim
AI dossier — public-source company profileGrupo PyD is an Argentine company specializing in contact center services, business process outsourcing (BPO), and omnichannel customer engagement solutions. It provides outsourcing, sales, customer service, and talent development services to clients across multiple sectors, positioning itself as a strategic partner for businesses seeking high-quality, cost-efficient service operations. The company operates cloud-based technology platforms and serves both private and public sector clients.
- Industry
- Contact Center & Business Process Outsourcing
Attack summary
Severity: high — Data has been published (disclosed status: data_published), indicating confirmed exfiltration. As a BPO/contact center company, Grupo PyD likely holds significant volumes of PII and client business data across multiple sectors, raising the potential impact of the breach considerably.The Gunra ransomware group claims to have attacked Grupo PyD and has published data related to the incident; no ransom amount was stated and no specific data volume was disclosed.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Client records
- HR and personnel data
- Customer service data
- Internal communications
Original description
AI-summarised, not from the leak postGrupo PyD is a Spanish consulting and human resources company operating in Spain. It specializes in personnel selection, recruitment, training, and organizational consulting services for businesses across various sectors. The firm supports companies in talent acquisition, workforce development, and HR management. Based in Spain, it serves both private and public sector clients seeking professional human capital and advisory solutions.
Sources
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

