Ransomware victim disclosure
← All victimsGrayscale Investments
Claimed by Everest · listed 1 year ago
Status timeline
- ListedJul 31, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Jul 31, 2025
About the victim
AI dossier — public-source company profileGrayscale Investments is a digital currency asset management company founded by Barry Silbert in 2013. It provides investment products focused on digital assets, including Bitcoin trusts and diversified cryptocurrency funds, and manages the largest Bitcoin portfolio in the sector.
- Industry
- Digital Currency Asset Management
- Founded
- 2013
Attack summary
Severity: medium — Data has been published by the threat actor, indicating confirmed exfiltration. However, the specific data types and volume are not detailed in the available post excerpt, and no operational disruption is mentioned. The financial services sector and scale of the company suggest moderate to significant sensitivity.The Everest group claims to have attacked Grayscale Investments and published data. Specific details on what data was exfiltrated or whether encryption occurred are not provided in the available leak post excerpt.
Original description
AI-summarised, not from the leak postGrayscale Investments is a digital currency asset management company, founded by Barry Silbert in 2013. It provides secure access to the digital currency asset class through its single-asset and diversified investment products, including Grayscale Bitcoin Trust and Grayscale Digital Large Cap Fund. It operates in the US and has the distinction of managing the largest Bitcoin portfolio.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

