Ransomware victim disclosure
← All victimsUnyleya
listed as unyleya.edu.br · Claimed by Rebornvc · listed 1 year ago
Status timeline
- ListedJul 8, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileUnyleya is a Brazilian distance education provider that has operated for over 18 years, offering undergraduate, postgraduate, and extension courses online. The institution specializes in digital education delivery across multiple disciplines including business, technology, and public administration.
- Industry
- Distance Education & Online Learning
Attack summary
Severity: high — Confirmed exfiltration of student personal data (user records), financial data (invoices, contracts), and educational records (assignments). Educational institution data at scale involving thousands of students qualifies as significant sensitive information exposure.The rebornvc group claims to have exfiltrated invoices, contracts, user records, and assignment data from Unyleya's systems. The group published data but no ransom demand is stated.
Data the group says was taken
AI dossier — extracted from the leak post- invoices
- contracts
- user records
- student assignments
What the group claims
Unyleya is an educational group that has been developing technological solutions to offer quality education to thousands of students seeking qualification and professional development for over 18 years. It is known for being a pioneer in digital education, offering a wide variety of undergraduate and postgraduate courses in Brazil. Invoices, contracts, users, assignments and more was stolen.
Sources
- Victim siteunyleya.edu.br
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

