Ransomware victim disclosure
← All victimsAQIPA
Claimed by Alphv · listed 3 years ago
Status timeline
- ListedNov 29, 2023
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Sector
- Business Services
- Listed on leak site
- Nov 29, 2023
About the victim
AI dossier — public-source company profileAQIPA is a business services company operating at aqipa.com. Limited public information is available about their specific operations, scale, or location.
- Industry
- Business Services
Attack summary
Severity: critical — Confirmed exfiltration of multiple categories of regulated/sensitive data at scale: PII (passports, driver's licenses, credentials), employee personal information, client data with contact details, and confidential business information (NDAs, trade secrets, financial records). Hundreds of gigabytes extracted indicates large-scale compromise.ALPHV claims to have exfiltrated hundreds of gigabytes of data from AQIPA's corporate network, including trade secrets, client information, employee personal data, and internal financial and HR documents.
Data the group says was taken
AI dossier — extracted from the leak post- trade secret information (NDAs)
- client lists with full contact information
- current and future project details
- development strategies and plans
- employee personal data (passports, insurance, driver's licenses)
- login credentials for personal accounts and social networks
- financial reporting documents
- HR records
- management documents
What the group claims
As a result of an attack on the corporate network of AQIPA.com, we obtained hundreds of gigabytes of data: - trade secret information (NDAs, lists of clients with full information about them, current and future projects of the company, development strategies and plans) - personal data of employees and clients (passports, insurance, driver's licenses; login data for personal accounts, social networks and messengers, etc.); - information disclosing the peculiarities of operation - non-public reporting documents concerning finance, management, HR, etc.
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

