Ransomware victim disclosure
← All victimsOPTRAL S.A.
listed as optral.com · Claimed by LockBit · listed 7 months ago
Status timeline
- ListedDec 26, 2025
- Data leakeddate unknown
At a glance
- Group
- LockBit
- Status
- Data leaked
- Country
- Spain
- Sector
- Technology
- Listed on leak site
- Dec 26, 2025
About the victim
AI dossier — public-source company profileOPTRAL S.A. is a Spanish manufacturer and designer of optical fiber cables, serving markets including data centers, renewable energy, oil & gas, naval, broadcast, mining, and military sectors. The company operates production and logistics facilities in Sant Iscle de Vallalta (Barcelona), Fraga (Huesca), and a commercial delegation in Alcobendas (Madrid). OPTRAL has recently been integrated into the CUNEXT Group via acquisition by Cables Especiales de Fibra S.L.U.
- Industry
- Optical Fiber Cable Manufacturing
- Address
- Pol. Industrial - Ctra. BV-5128 Km-22, 08359 Sant Iscle de Vallalta (Barcelona), Spain
Attack summary
Severity: high — Data has been published by LockBit, confirming exfiltration. OPTRAL supplies cables to critical infrastructure sectors including military, oil & gas, energy, and data centers, elevating the potential impact of the breach beyond typical business data exposure.LockBit claims to have attacked OPTRAL and has published data (disclosed status: data_published), indicating exfiltration of company data; the specific data categories and volume have not been detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Company business data
- Potentially product and technical documentation
- Potentially customer and distributor records
- Potentially employee/HR records
What the group claims
OPTRAL specializes in the design and manufacturing of optical fiber cables, offering a wide range of...
Sources
- Victim siteoptral.com
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

