Disclosure context

About mnt6

Given the limited public documentation available on mnt6, this appears to be a relatively obscure ransomware operation that emerged in April 2026 with only two known victims documented by security researchers. The group has demonstrated a focused targeting approach, conducting attacks against manufacturing and energy sector organizations specifically in Canada and New Zealand. Based on the small victim count and narrow geographic focus, mnt6 appears to operate as a small-scale independent ransomware group rather than a large RaaS operation, though their specific attack methodologies, encryption techniques, and data exfiltration practices have not been extensively documented in public threat intelligence reporting. No major campaigns or high-profile incidents have been attributed to this group, and their relatively recent emergence means there is insufficient public data from established security firms like Mandiant or government agencies like CISA and FBI regarding their operational tactics, techniques, and procedures. As of current reporting, mnt6 appears to remain active but maintains a low profile with minimal public visibility compared to more prominent ransomware families. The group has been linked to 3 public disclosures across our corpus. First observed on a leak site on April 30, 2026; most recent post May 2, 2026. The operation is currently active.

Timeline of this disclosure

May 2, 2026Photonic listed by mnt6on the group's public leak site

Sector and geography

This disclosure adds to ransomware activity in the Technology sector, which has 2,524 disclosures indexed across all operators we track. Geographically, Photonic is reported in Canada, a country with 810 ransomware disclosures in our corpus.

How we know this. Darkfield monitors public ransomware leak sites continuously, archiving every new disclosure and the data later released against the victim. Each entry on this page is sourced from the operator's own publication and cross-checked against complementary OSINT feeds (RansomLook, ransomware.live, RansomWatch). We do not collect or host stolen data — only the metadata, timestamps and screenshots needed to make the public disclosure searchable and accountable. Records here are corrected when the original post is edited, retracted, or merged with another disclosure.

Ransomware victim disclosure

← All victims

Photonic

Claimed by mnt6 · listed 18 days ago

18d

Age

since listed · data leaked

Status timeline

Listed
May 2, 2026
Data leaked

At a glance

Group: mnt6
Status: Data leaked
Country: Canada
Sector: Technology
Listed on leak site: May 2, 2026

About the victim

AI dossier — public-source company profile

Photonic is a Canadian technology company developing scalable, distributed, and fault-tolerant quantum computing and networking technologies. The company's platform is based on silicon spin qubits with a native telecom networking interface, targeting solutions for complex computational problems. Photonic has reported revenue of approximately $32.6M.

Industry: Quantum Computing & Networking Technology

Attack summary

Severity: critical — Photonic operates in a strategically sensitive quantum computing and networking sector with national security implications; confirmed data publication by the threat actor from a deep-tech company working on technologies relevant to defence and critical infrastructure elevates this to critical severity.

The group mnt6 claims to have exfiltrated data from Photonic and has published the data ('data_published' status), though the specific volume and nature of files exfiltrated are not detailed in the post.

critical

Data the group says was taken

AI dossier — extracted from the leak post

Proprietary quantum computing technology data
Internal business documents

What the group claims

Photonic is delivering scalable, distributed, and fault-tolerant quantum computing and networking technologies. With proven silicon spin qubits, and a native telecom networking interface, Photonic will deliver solutions for previously intractable problems –and unlock solutions for tomorrow’s problem sets. [Revenue: $32.6M]

The leak post

captured from the group's site

MNT6 MNT6 Leaks Market Contact us Silfab Solar Silfab Solar is a leading North American manufacturer of high-efficiency, premium-quality solar panels for residential, commercial, and utility projects. With over 40 years of industry experience, the company operates advanced manufacturing facilities in Canada and the United States, focusing on producing durable, reliable solar modules. Revenue: $217.3M McKay McKay is a leading international engineering firm that delivers strategically vital projects across national defense, high-tech shipbuilding, and global energy sectors. The company serves as a key technological partner to the state, implementing innovative automation systems and &#x27;green&#x27; solutions for critical infrastructure. Revenue: $135.8M Photonic Loading... Photonic is delivering scalable, distributed, and fault-tolerant quantum computing and networking technologies. With proven silicon spin qubits, and a native telecom networking interface, Photonic will deliver solutions for previously intractable problems –and unlock solutions for tomorrow’s problem sets. Revenue: $32.6M Contact us &times; Message subject Message Your contact email Send message &rarr;

Screenshot of the leak post

Sources

Leak posthttp://ttvbuilv5mf2wggfjgmvin22ndzghpukhsyy6coz3p4wt5nqnxah7tyd.onion/timed-post/4/

Source

Indexed 18 days ago

This page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.