Ransomware victim disclosure
← All victimsWestern International Group
listed as westernint.com · Claimed by Apt73 · listed 9 days ago
Status timeline
- ListedJul 6, 2026
- Data leakeddate unknown
At a glance
- Group
- Apt73
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Jul 6, 2026
About the victim
AI dossier — public-source company profileWestern International Group is a large private conglomerate based in Dubai with a 30-year operational history. The group owns and operates multiple consumer brands across electronics (GEEPAS), retail (NESTO, Brandzone), fashion (YOUNGLIFE, Masho), luggage (PARAJOHN), home goods (ROYALFORD, DELCASA), watches (CLARKFORD), baby care (BABYPLUS), e-commerce (Jazp.com, WIGME.COM), and IoT solutions (Geetron), with significant presence across the Middle East and emerging markets.
- Industry
- Diversified Conglomerate – Consumer Electronics, Retail, Fashion, Home Goods, IoT
- Address
- Dubai, United Arab Emirates
- Employees
- 500+
- Founded
- 1989
Attack summary
Severity: high — Confirmed data exfiltration and publication by a ransomware group against a large multinational conglomerate with significant operations, customer base, and brand portfolio. The breach affects a company with 500+ employees and multiple retail/e-commerce properties handling consumer transactions.APT73 claims to have breached Western International Group and published exfiltrated data. The group's leak post indicates data exfiltration; operational details of the attack (encryption, scope, specific data types) are not fully described in the provided excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer data
- Financial information
- Operational data
What the group claims
Western International Group is a large private conglomerate based in Dubai that operates in the r...
Sources
Source
Indexed 9 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

