Ransomware victim disclosure
← All victimsRatna Sagar Private Limited
listed as ratnasagar.com · Claimed by Projectrelic · listed 1 year ago
Status timeline
- ListedMay 12, 2025
- Data leakeddate unknown
At a glance
- Group
- Projectrelic
- Status
- Data leaked
- Country
- India
- Sector
- Education
- Listed on leak site
- May 12, 2025
About the victim
AI dossier — public-source company profileRatna Sagar is an ISO 9001:2015 and 14001:2015 certified educational publishing company based in Delhi, India, established in 1986. They specialize in textbooks and learning materials for kindergarten through grade 12, covering English, mathematics, science, social science, and other subjects used across thousands of schools in India.
- Industry
- Educational Publishing
- Address
- Delhi, India
- Founded
- 1986
Attack summary
Severity: medium — Data has been published by the group with disclosed status confirmed, but no specific sensitive data inventory or proof count is detailed in the post. The company handles educational content and likely maintains student/institutional records, but no regulated PII at scale is explicitly confirmed.Projectrelic claims to have compromised Ratna Sagar's systems and published data. The group's post does not specify whether encryption occurred or detail the scope of exfiltrated data.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Internal documents
Original description
AI-summarised, not from the leak postRatna Sagar is an educational publishing company based in India with over three decades of experience. They specialize in textbooks for kindergarten to grade 12, with a major focus on English literacy materials. The company's comprehensive resources cover a wide range of subjects and are used in thousands of schools across India.
Sources
- Victim siteratnasagar.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

