Ransomware victim disclosure
← All victimsEvaluate (a Norstella company)
listed as Evaluate a Norstella company · Claimed by Everest · listed 4 months ago
Status timeline
- ListedMar 15, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileEvaluate is a life sciences market intelligence company and a subsidiary of Norstella, a group of data and analytics businesses serving the pharmaceutical and healthcare industries. Evaluate provides commercial data, forecasts, and analytics on the global pharmaceutical and medical device markets. Norstella is a US-headquartered organisation though Evaluate has historically had significant operations in the UK and internationally.
- Industry
- Healthcare Data & Market Intelligence
Attack summary
Severity: high — Evaluate handles sensitive pharmaceutical commercial data, forecasts, and potentially client business intelligence at scale. The 'data_published' status indicates confirmed exfiltration and publication, warranting a high severity rating even without explicit data inventory details from the truncated post.The Everest ransomware group has listed Evaluate (a Norstella company) as a victim with a disclosed/data-published status, implying data exfiltration has occurred or data has been published; however, the leak post excerpt provides no specific detail on the nature or volume of the data claimed.
Original description
AI-summarised, not from the leak postN/A
The leak post
captured from the group's site© 2026, All rights reserved Citizens Bank - Database Leaked Evaluate a Norstella company - Database Leaked Studio Marchi - Studio Professionale Associato - Database Leaked Super AI - Database Leaked Complete Aircraft Group - Database Leaked Umiles Group - Database Leaked K Subsea Group - Database Leaked Parque Eólico Toabré - Database Leaked PT Brantas Abipraya - Database Leaked Straight Line Logistics - Database Leaked First Priority Group - Database Leaked Hyundai Elevator - Database Leaked UD Trucks - Database Leaked McDonalds India - Database Leaked Tsunami Tsolutions - Database Leaked Atlas Air: MUSE INSECURE - Database Leaked Iron Mountain - Database Leaked Hosowaka Micron Group - Database Leaked Shinwa Co Ltd - Database Leaked SIGMA Processing Group - Database Leaked Acu Trans Solutions LLC - Database Leaked GIBSIN Engineers - Database Leaked ASRock Rack - Database Leaked Reeves Information Technology - Database Leaked WANCHI STEEL INDUSTRIAL - Database Leaked GC Accounting - Database Leaked National Money Mart Company - Database leaked Virginia Records - Database Leaked Morgan Records Management - Database leaked ELC Electroconsult SpA - Databas…
Sources
Source
Indexed 4 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

