Ransomware victim disclosure
← All victimsASSA ABLOY
listed as assaabloy.com\$14.4B\Sweden\229GB\<1% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 17, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- Sweden
- Sector
- Manufacturing
- Listed on leak site
- Mar 17, 2025
About the victim
AI dossier — public-source company profileASSA ABLOY is a global security technology company that designs and manufactures mechanical and electromechanical locking systems, master key systems, and access control solutions for residential, commercial, and public buildings. Operating under heritage brands including IKON, effeff, and KESO, the company serves private, commercial, and public sector customers.
- Industry
- Security Hardware & Access Control Systems
Attack summary
Severity: critical — ASSA ABLOY is a major global security infrastructure provider with ~$14.4B market valuation; compromise of 229 GB of proprietary security hardware designs, manufacturing data, and customer information poses significant risk to physical security supply chains and critical infrastructure worldwide. Data has been published, confirming exfiltration.Cactus ransomware group claims to have compromised ASSA ABLOY and exfiltrated approximately 229 GB of data. The group has published portions of the stolen data, indicating both encryption and data exfiltration.
Data the group says was taken
AI dossier — extracted from the leak post- Technical specifications
- Product designs
- Business documents
- Customer information
- Operational data
Sources
- Victim siteassaabloy.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

