Ransomware victim disclosure
← All victimsCosta Del Sol Group
listed as Costa Del Sol Hotels · Claimed by Sarcoma · listed 2 years ago
Status timeline
- ListedOct 9, 2024
- Data leakeddate unknown
At a glance
- Group
- Sarcoma
- Status
- Data leaked
- Country
- Kuwait
- Sector
- Hospitality and Tourism
- Listed on leak site
- Oct 9, 2024
- Data size
- 50.5 GB
About the victim
AI dossier — public-source company profileCosta Del Sol Group is a Kuwaiti hospitality company established in the 1980s. The company operates two premier hotels and a rural estate, catering to a high-end clientele in Kuwait.
- Industry
- Hospitality & Tourism – Hotels & Resorts
- Address
- Kuwait
- Founded
- 1980
Attack summary
Severity: high — Confirmed exfiltration of 50.5 GB of data from a hospitality company likely containing guest personal information, financial records, and operational data. No encryption claim made, but data publication confirmed. Scale and sensitivity of hospitality sector data justify high severity.Sarcoma claims to have exfiltrated 50.5 GB of data from Costa Del Sol Group. The group states data has been published but does not specify the nature of exfiltrated materials or operational encryption.
Data the group says was taken
AI dossier — extracted from the leak post- Hotel guest records
- Business correspondence
- Financial records
- Operational documents
What the group claims
Costa Del Sol Group As a distinguished Kuwaiti entity, we have been steadfastly engaged in the realm of hospitality since the 1980s. Under our esteemed brand, we oversee the management of two premier hotels, along with a splendid rural estate, offering unparalleled experiences to our esteemed clientele.Geo: Kuwait - Leak size: 50,5 GB Archive - Contains: Files
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

