Ransomware victim disclosure
← All victimsSemilab
Claimed by Dan0N · listed 2 years ago
Status timeline
- ListedApr 25, 2024
- Data leakeddate unknown
At a glance
- Group
- Dan0N
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Apr 25, 2024
- Data size
- 1.47 TB
About the victim
AI dossier — public-source company profileSemilab is a semiconductor metrology company specializing in research and development tools for material sciences, semiconductor, photovoltaic, and display industries. The company is the 5th largest pure-play semiconductor metrology provider globally, offering products ranging from handheld devices to fully automated testing solutions. Semilab operates internationally with a US subsidiary (Semilab USA LLC).
- Industry
- Semiconductor Metrology & Testing Equipment
Attack summary
Severity: high — Confirmed exfiltration of 1.47 TB including financial, legal, employee, partner, and client data representing significant business and personal information exposure. Data already published with no ransom demand indicates operational compromise.Dan0N claims to have exfiltrated 1.47 TB of data from Semilab, including financial records, legal documents, employee and partner information, and client data. The group has published the stolen data without requesting ransom.
Data the group says was taken
AI dossier — extracted from the leak post- Financial records
- Legal documents
- Employee information
- Partner information
- Client data
What the group claims
The total size of stolen information is 1.47TB. This leak contains corporate information of the company: Financial, legal, information on employees and partners. Information on clients was also receiv
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

