Ransomware victim disclosure
← All victimsAcuity
Claimed by Stormous · listed 2 months ago
Status timeline
- Listed
Mar 28, 2026
- Data leaked
At a glance
- Group
- Stormous
- Status
- Data leaked
- Sector
- Business Services
- Listed on leak site
- Mar 28, 2026
- Data size
- 73
- Ransom demanded
- $900
About the victim
AI dossier — public-source company profileAcuity is identified in the leak post as a business services company. The post references internal system data, partner data, customer data including emails, names and phone numbers, admin data and roles, as well as legal documents such as NDAs involving strategic partners like Bosch and financial analyses of Acuity's financial position. No further public site details were available to confirm location or scale.
- Industry
- Business Services
Attack summary
Severity: high — Confirmed exfiltration and publication of significant business data including customer PII, partner records, admin credentials, and sensitive legal/financial documents; 73 GB of data published.Stormous claims to have exfiltrated 73 GB of data from Acuity, including internal system data, partner and customer records (email, name, phone number), admin credentials and roles, NDA drafts involving partners such as Bosch, and detailed financial documents; data is listed as published.
Data the group says was taken
AI dossier — extracted from the leak post- Internal system data
- Partner data
- Customer data (email, name, phone number)
- Admin data and roles
- NDA drafts (including Bosch-related)
- Financial analysis documents
What the group claims
Internal Data, System Data, Partner Data, Customer Data (Email, Name, Phone Number), Admin Data and their roles
The leak post
captured from the group's siteInitial Access Brokers - Long-Term Collaboration We are currently seeking reliable Initial Access Brokers for long-term collaboration. ** Please do not waste time attempting complex exploit development or direct EDR confrontation. We are interested exclusively in stable corporate access. Local user access is acceptable. * Small to mid-sized enterprises: fixed payment starting at * Large enterprises: revenue share from final settlement FANASA.COM Half the data has been extracted Personally Identifiable Information (PII), Electronic Fiscal Documents (CFDI/XML), Financial Transaction Records, Commercial Invoices & Billing Data, Taxpayer Identification Numbers (RFC), Client & Vendor Database/Internal Corporate Documentation Administrative/System Files/ADMIN, DOAS, operational records, engineering drawings, schematics... Project Planning & Execution Documents... (Folders/Files) Email/Communication/System/Application Data AYEAPLICACIONES database/Log Data BDATOSFITCLOD, Software/Installation/Program Files AUTOBOU, Personal/Miscellaneous Files AvenaCubana All of this data is offered for sale (user information: email, phone number, full name, date of birth / payment and bookin…
Data the group says was taken
- PII
- emails
Sources
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.