Ransomware victim disclosure
← All victimsFractal ID
listed as fractal.id · Claimed by Stormous · listed 2 years ago
Status timeline
- ListedOct 16, 2024
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- Oct 16, 2024
- Data size
- 10 GB
- Records
- 300.000 users
About the victim
AI dossier — public-source company profileFractal ID operates a KYC (Know Your Customer) and identity verification service that processes user identity data for financial and cryptocurrency clients. The company maintains systems for personal identity verification at scale.
- Industry
- Identity Verification & KYC (Know Your Customer)
Attack summary
Severity: critical — Confirmed exfiltration of highly sensitive PII (identity documents, financial records, cryptocurrency addresses) affecting 300,000+ users in a regulated KYC context. Scale, data sensitivity, and regulatory implications (financial/AML compliance data) justify critical classification.Stormous claims to have exfiltrated approximately 10–12 GB of data from Fractal ID's KYC system and associated systems, affecting over 300,000 users. Extracted data includes personal photos, bank statements, proof of address, and cryptocurrency wallet addresses.
Data the group says was taken
AI dossier — extracted from the leak post- personal photos
- bank statements
- proof of address documents
- ETH/BTC wallet addresses
- KYC user records
What the group claims
THE FULL LEAK OF FRACTAL ID IS HERE ! web.fractal.id We have extracted over 10GB of DATA from the KYC system of Fractal ID and some of its other systems. The breach includes more than 300,000 users linked to Fractal ID clients in its KYC service. Our leak from the hack includes the following: The total amount of data we managed to access exceeded 10 GB ------ 12GB, including personal photos, bank statements, proof of address, and ETH/BTC addresses. Our breach involves over 300,000 users. ENJOY! "A report will be published soon about the company's status regarding data protection!"
Sources
- Victim sitefractal.id
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

