Ransomware victim disclosure
← All victimsguesty, LITELLM/TRIVY CAMPAIGN (TEAMPCP)
Claimed by Vect · listed 3 months ago
Status timeline
- ListedApr 15, 2026
- Data leakeddate unknown
At a glance
- Group
- Vect
- Status
- Data leaked
- Country
- Israel
- Sector
- Technology
- Listed on leak site
- Apr 15, 2026
About the victim
AI dossier — public-source company profileGuesty is an Israel-based SaaS platform providing AI-powered property management software for short-term rental operators, from individual hosts to enterprise-scale property management companies. It integrates with Airbnb, Booking.com, Vrbo, and 60+ distribution channels, offering tools for reservations, guest communications, revenue management, and payments. The platform serves clients ranging from single-listing hosts to operations managing 200+ properties.
- Industry
- Property Management Software (Short-Term Rental SaaS)
- Employees
- 201-1000
- Founded
- 2013
Attack summary
Severity: critical — 700 GB exfiltration includes millions of emails with attachments and a full userbase from a multi-sided SaaS platform handling guest PII, reservation data, and financial transactions across Airbnb and Booking.com — constituting large-scale regulated personal and financial data exposure affecting both the company and its end-user guests and property managers.The group 'vect' claims to have exfiltrated approximately 700 GB of data from Guesty, including internal project files, approximately 4 million sent and received emails with attachments, user/customer base records, and data tied to Airbnb and Booking.com integrations; negotiations were reportedly ongoing at time of disclosure.
Data the group says was taken
AI dossier — extracted from the leak post- Internal project files
- 4 million sent/received emails with attachments
- User/customer database
- Airbnb integration data
- Booking.com integration data
What the group claims
Status: STATUS: NEGOTIATING | Sector: property management | internal projects, 4 million sent/received mails with attachments, userbase, Airbnb and booking.com data stolen from guesty DATA SIZE: 700GB | Deadline: 9d 8h
Sources
- Victim sitewww.guesty.com
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

