Ransomware victim disclosure
← All victimsOSAC Aero
Claimed by Lapsus$ · listed 5 months ago
Status timeline
- ListedMar 1, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileOSAC Aero is described as a Spanish aeronautical engineering company providing aeronautical consulting services, product development, aircraft maintenance, and the design, prototyping, and manufacturing of aerostructures. The company is noted as a partner to leading global aerospace organisations. No independent public site content was available to verify or expand these details.
- Industry
- Aeronautical Engineering & Aerospace Consulting
Attack summary
Severity: high — Data has been published (disclosed status: data_published) by Lapsus$ involving an aerospace engineering firm, which likely holds sensitive technical IP, aerostructure designs, and client data related to major aerospace organisations; aerospace sector data carries significant national-security and commercial sensitivity.Lapsus$ claims to have attacked OSAC Aero with data published, indicating exfiltration of company data; no ransom amount or specific data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Aeronautical engineering documents
- Product development data
- Aircraft maintenance records
- Aerostructure design/prototype files
- Business/client records
Original description
AI-summarised, not from the leak post"OSAC Aero" is a Spanish aeronautical engineering company. They provide aeronautical consulting services, product development, aircraft maintenance, and also focus on designing, prototyping, and manufacturing aerostructures. Their innovative solutions have established OSAC as a reliable partner for leading global aerospace organizations.
Source
Indexed 5 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

