Ransomware victim disclosure
← All victimsTerra Caribbean
listed as terracaribbean.com · Claimed by LockBit · listed 7 months ago
Status timeline
- ListedDec 7, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileTerra Caribbean is a leading real estate firm operating across Barbados, Grenada, Saint Lucia, and Trinidad & Tobago, with a history dating back to the 1950s. The company offers comprehensive residential and commercial real estate services including property purchases, sales, long-term rentals, management, and valuations. It is headquartered in Barbados and serves clients across the Caribbean region with a focus on market knowledge and local expertise.
- Industry
- Caribbean Real Estate Services
- Founded
- 1950
Attack summary
Severity: high — Data has been published (disclosed status: data_published), indicating confirmed exfiltration. A real estate firm of 60+ years operating across multiple Caribbean jurisdictions likely holds significant volumes of client PII, financial transaction data, and sensitive property ownership records.LockBit claims to have attacked Terra Caribbean and has published data, indicating exfiltration of company data. No ransom amount was stated and no specific data volume was disclosed.
Data the group says was taken
AI dossier — extracted from the leak post- Real estate transaction records
- Client personal information
- Property listings data
- Agent contact information
- Business correspondence
What the group claims
Terra Caribbean is your expert in Caribbean real estate, we're well equipped to help find you y...
Sources
- Victim siteterracaribbean.com
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

