Ransomware victim disclosure
← All victimsICO ESTACIONAMENTOS
listed as ICO · Claimed by Arcusmedia · listed 1 year ago
Status timeline
- ListedMar 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Arcusmedia
- Status
- Data leaked
- Country
- Brazil
- Listed on leak site
- Mar 3, 2025
About the victim
AI dossier — public-source company profileICO ESTACIONAMENTOS is a Brazilian parking management company founded in 1986 that provides automated parking garage solutions, valet services, and online management systems to customers. The company operates parking facilities and offers services including monthly parking passes, garage automation, and user account management through a web portal.
- Industry
- Parking Management & Facility Services
- Founded
- 1986
Attack summary
Severity: medium — Confirmed data publication by ransomware group with likely exposure of customer PII (CPF/CNPJ) and parking account information. No indication of critical regulated data (financial/medical) or operational disruption to critical infrastructure. Moderate sensitivity due to personal identification numbers and payment data.The Arcusmedia group claims to have attacked ICO ESTACIONAMENTOS and published data from the breach. The leak post indicates data exfiltration, though specific details on data type and scope are not fully disclosed in the available excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- User account credentials (CPF/CNPJ)
- Customer personal information
- Parking account data
- Payment/billing records
What the group claims
Since 1986, ICO ESTACIONAMENTOS has been offering its customers ???safety???, qu…
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

