Ransomware victim disclosure
← All victimsLacor
listed as lacor.es · Claimed by ALP-001 · listed 4 months ago
Status timeline
- ListedMar 29, 2026
- Ransom deadlineApr 8, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileLacor (lacor.es) is a Spanish company specialising in kitchen utensils, cookware, and accessories for both domestic and professional use. Their product range includes cookware sets, frying pans, paella pans, coffee makers, woks, and a wide variety of kitchen tools. The company appears to operate primarily in Spain and markets its products through its own e-commerce platform.
- Industry
- Kitchenware & Cookware Manufacturing & Retail
Attack summary
Severity: high — 182.71 GB of data has reportedly been exfiltrated and disclosed ('data_published' status), representing a significant volume of internal business data. While no specific PII or regulated data categories are confirmed, the scale of exfiltration and confirmed publication elevates this above medium severity.The group ALP-001 claims to have exfiltrated approximately 182.71 GB of data from Lacor, with a stated deadline of 8 April 2026. The post indicates data has been published, suggesting exfiltration and threatened or actual public release of files.
Data the group says was taken
AI dossier — extracted from the leak post- Company files (unspecified)
- 182.71 GB of internal data
What the group claims
Country: Spain Revenue: $9 Million Storage: 182.71 GB Description: Guys, i just want to have SOME fun About this Corp, i know its small, but i like the files they have LOL . Deadline: 2026-04-08 00:09:29
Sources
Source
Indexed 4 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

