Ransomware victim disclosure
← All victimsHarvest
Claimed by RunSomeWares · listed 1 year ago
Status timeline
- ListedApr 10, 2025
- Data leakeddate unknown
At a glance
- Group
- RunSomeWares
- Status
- Data leaked
- Country
- France
- Sector
- Financial Services
- Listed on leak site
- Apr 10, 2025
About the victim
AI dossier — public-source company profileHarvest is a French fintech company founded in 1989, specializing in digital solutions for wealth management and finance professionals. The company provides software platforms, CRM tools, portfolio management, compliance, and reporting solutions to advisors, banks, insurers, and asset managers across Europe.
- Industry
- Financial Software & Wealth Management (WealthTech)
- Employees
- 51-200
- Founded
- 1989
Attack summary
Severity: high — Harvest is a major fintech platform handling sensitive financial and advisory data for high-net-worth clients and financial professionals across France and Europe. Confirmed exfiltration of such data poses significant risk to regulated financial information and client PII, even though specific proof volume and data details are not disclosed.RunSomeWares claims to have compromised Harvest and exfiltrated data. The group post provides no specific details on what data was taken or operational impact.
Data the group says was taken
AI dossier — extracted from the leak post- customer account information
- financial advisory records
- portfolio data
- client communications
- internal business data
What the group claims
Harvest is a French TechForFin of more than 35 years in full development. Harvest is the leading FinTech in France for software dedicated to the wealth management and finance
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

