Ransomware victim disclosure
← All victimsExela Technologies
Claimed by Hiveleak · listed 4 years ago
Status timeline
- ListedJul 13, 2022
- Data leakeddate unknown
At a glance
- Group
- Hiveleak
- Status
- Data leaked
- Country
- United States
- Sector
- Information Technology
- Listed on leak site
- Jul 13, 2022
About the victim
AI dossier — public-source company profileExela Technologies (operating globally under the XBP Global brand) is a workflow automation and business process outsourcing company with approximately 10,600 employees across 20 countries. The company serves over 2,500 clients worldwide, including 60+ Fortune 100 companies, offering services such as document digitisation, enterprise information management, intelligent document processing, revenue cycle management, and finance & accounting outsourcing. It operates more than 85 delivery centres and 400 managed facilities.
- Industry
- Business Process Outsourcing & Workflow Automation
- Employees
- 10600
Attack summary
Severity: critical — Exela Technologies is a large-scale BPO handling regulated data for thousands of enterprise and healthcare clients, including financial records, medical coding, and revenue cycle management data at significant scale; data_published status indicates confirmed exfiltration of likely regulated and sensitive PII across multiple verticals.The Hiveleak ransomware group claims to have attacked Exela Technologies and has published data (disclosed status: data_published); no leak post text was captured, so the specific nature of exfiltrated data or encryption claims cannot be confirmed from the post itself.
Data the group says was taken
AI dossier — extracted from the leak post- Business process records
- Client data
- Enterprise information management data
- Financial and accounting records
- Healthcare/revenue cycle management data
- Employee records
Sources
- Victim siteexelatech.com
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

