Ransomware victim disclosure
← All victimsEWIG Group
listed as Ewig Usa · Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedMar 3, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- China
- Sector
- Manufacturing
- Listed on leak site
- Mar 3, 2024
About the victim
AI dossier — public-source company profileEWIG Group is an electronics manufacturing company based in Hong Kong with manufacturing facilities in China, specializing in printed circuit board assembly, product development, injection molding, and consumer electronics. With over 40 years of design and manufacturing experience, they produce a diverse range of consumer and industrial products including kitchen thermometers, pet feeders, wellness devices, and smart home products for global customers.
- Industry
- Electronic Manufacturing & Consumer Electronics
- Address
- Avenida Da Praia Grande No. 619, EDF.Comercial Si Toi L6, Macau
Attack summary
Severity: medium — Data published status indicates exfiltration occurred, but no proof files are advertised in the truncated post, no data inventory is detailed, and no operational impact is stated. The company manufactures consumer electronics rather than handling regulated sensitive data at scale.ALPHV group claims to have compromised EWIG Group and exfiltrated data. The specific details of what data was stolen or whether encryption occurred are not stated in the available post excerpt.
What the group claims
Ewig Group is a one stop solution provider in electronic manufacturing to global customers. We are a Hong Kong based company with well- equipped manufacturing facilities in China.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

