Ransomware victim disclosure
← All victimsMón Sant Benet
Claimed by Datacarry · listed 1 year ago
Status timeline
- ListedJun 12, 2025
- Data leakeddate unknown
At a glance
- Group
- Datacarry
- Status
- Data leaked
- Country
- Spain
- Sector
- Hospitality and Tourism
- Listed on leak site
- Jun 12, 2025
About the victim
AI dossier — public-source company profileMón Sant Benet is a cultural and tourist complex in Catalonia, Spain, centered on a 10th-century medieval monastery. The site includes a modernist summer residence, the Alícia Foundation (gastronomic research institute), a 4-star hotel, and offers tours, events, gastronomy experiences, and educational workshops.
- Industry
- Cultural Heritage, Tourism & Hospitality
- Address
- Sant Benet de Bages, Catalonia, Spain
- Founded
- 1025
Attack summary
Severity: medium — Data has been published by the threat actor, suggesting confirmed exfiltration. However, the leak post excerpt provides no specifics on data sensitivity, scale, or proof artifacts. A cultural/tourism organization may hold guest PII and payment data, but no regulated sectors (medical, financial services) are explicitly indicated.The datacarry group claims to have exfiltrated data from Món Sant Benet. The specific nature of the compromise (encryption, data theft, or both) and the scope of exfiltration are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- operational records
- guest information
- financial data
- staff records
Original description
AI-summarised, not from the leak postMón Sant Benet is a unique cultural, tourist, and leisure project in Catalonia, Spain. It encompasses a medieval monastery that dates back to the 10th century, the modernist summer home of the famous painter Ramón Casas, the Alícia Foundation (which focuses on gastronomic research), and a luxury 4-star hotel. The company offers fascinating tours, events, gastronomy experiences, and education workshops.
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

