Ransomware victim disclosure
← All victimsLendco
Claimed by Killsec · listed 1 year ago
Status timeline
- ListedApr 1, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsec
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Financial Services
- Listed on leak site
- Apr 1, 2025
About the victim
AI dossier — public-source company profileLendco is a UK-based specialist lender founded in 2018, providing Buy-to-Let mortgages and bridging finance to property investors through intermediaries. The firm operates with a team of 55 experienced underwriters and has originated over £2 billion in lending, with access to major global bank funding and public market securitisations.
- Industry
- Specialist Lending & Mortgages
- Address
- 33 Gracechurch Street, London, EC3V 0BT, United Kingdom
- Employees
- 55
- Founded
- 2018
Attack summary
Severity: high — Lendco processes sensitive financial data including loan applications, customer credit information, and transaction details from property investors. Confirmed data publication by ransomware operator in the financial services sector constitutes a significant breach, even without full details of data scope.The killsec group claims to have attacked Lendco and published data. The specific nature of the exfiltration (data types, volume) and operational impact are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Loan applications and underwriting records
- Customer financial information
- Broker intermediary details
- Lending criteria and internal processes
What the group claims
N/A
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

