Ransomware victim disclosure
← All victimsWiBeats S.r.l.
Claimed by Deadlock · listed 5 days ago
Status timeline
- ListedJul 10, 2026
- Data leakeddate unknown
At a glance
- Group
- Deadlock
- Status
- Data leaked
- Country
- Italy
- Sector
- Technology
- Listed on leak site
- Jul 10, 2026
About the victim
AI dossier — public-source company profileWiBeats S.r.l. is an Italian asset management and loans service group specializing in performing and non-performing real estate. Based in Turin, the company offers property management, consulting, leasing, and BIM management services across multiple business units (BFORMS, WIBITA, WIMOVE).
- Industry
- Asset Management & Real Estate Services
- Address
- via Sant'Agostino 8, 10122 Torino (TO), Italy
Attack summary
Severity: high — Confirmed exfiltration of significant business data including regulatory documents (permits) and contracts. Large data volume (150+ GB total) and regulated real estate/financial sector context elevates severity despite no explicit PII scale confirmation.Deadlock claims to have exfiltrated over 150 GB of internal email data and more than 50 GB of sensitive data including contracts, official papers, construction permits, and renewal permits from WiBeats.
Data the group says was taken
AI dossier — extracted from the leak post- internal emails
- contracts
- construction permits
- renewal permits
- official papers
What the group claims
WIBEATS is one among the last few independent Italian Asset Management and Loans Service group, specialised performing and non performing real estate. Over 150 gigabytes of internal email datastore were stolen from this company. more than 50 GB of internal sensitive data containing contracts and official papers containing construction and renewal permits
Sources
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

