Ransomware victim disclosure
← All victimsInfraestructura Portuaria Mexicana S.A. de C.V. (IPM)
listed as ipmaltamira · Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedMar 3, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- Mexico
- Sector
- Business Services
- Listed on leak site
- Mar 3, 2024
About the victim
AI dossier — public-source company profileInfraestructura Portuaria Mexicana (IPM) is a subsidiary of PINFRA operating Terminal #2 at the Port of Altamira, Mexico. Established in 1996 following Mexico's 1994 port privatization initiative, IPM holds a concession for port operations and management through 2036.
- Industry
- Port Operations & Terminal Management
- Address
- Port of Altamira, Terminal #2, Mexico
- Founded
- 1996
Attack summary
Severity: high — Critical infrastructure (port terminal operations) compromised by a confirmed ransomware group. Data exfiltration confirmed with publication status. Operational disruption potential to international maritime commerce.ALPHV/BlackCat claims to have compromised IPM's systems and published exfiltrated data. The group does not specify the scope of encrypted systems versus data theft in this excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- operational records
- port management documents
- corporate/administrative files
What the group claims
Infraestructura Portuaria Mexicana S.A. de C.V. (IPM), subsidiary of PINFRA, was created as a response to 1994 Mexican Federal Government initiative for Port Privatization. The cession was given to IPM on june 1996 for the operation and management of Terminal #2 on the Port of Altamira, with an extension until year 2036.
Sources
- Victim siteipmaltamira.com.mx
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

