Ransomware victim disclosure
← All victimsCommittee to Protect Journalists
listed as CPJ.ORG · Claimed by Clop · listed 6 months ago
Status timeline
- ListedJan 8, 2026
- Data leakeddate unknown
At a glance
- Group
- Clop
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Jan 8, 2026
About the victim
AI dossier — public-source company profileThe Committee to Protect Journalists (CPJ) is a non-profit organization based in New York dedicated to defending press freedom and the rights of journalists worldwide. It monitors violations against press freedom, documents attacks on journalists, and provides safety resources and guidance to journalists operating in dangerous environments.
- Industry
- Non-profit / Press Freedom Advocacy
- Address
- New York, US
- Founded
- 1981
Attack summary
Severity: high — CPJ maintains sensitive information about journalists, sources, and security operations globally. Compromise of this data could directly endanger journalists and sources in repressive countries. The organization's mission-critical nature and the potential harm to vulnerable journalists worldwide elevates this to high severity despite lack of explicit proof count.The Clop ransomware group claims to have attacked CPJ.org. The group's post indicates data exfiltration, though the specific details of what data was taken and whether encryption occurred are not explicitly stated in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Journalist contacts and sources
- Internal communications
- Safety and security documentation
- Organizational records
Original description
AI-summarised, not from the leak postCPJ.ORG, or the Committee to Protect Journalists, is a non-profit organization based in New York. Its mission is to promote press freedom worldwide and defend the rights of journalists to report the news without fear of reprisal. It does this by monitoring and documenting violations against press freedom and providing safety guides and other resources for journalists.
Sources
Source
Indexed 6 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

