Ransomware victim disclosure
← All victimsSCP Automation
listed as www.scpautomation.com · Claimed by RansomHub · listed 1 year ago
Status timeline
- ListedMar 21, 2025
- Data leakeddate unknown
At a glance
- Group
- RansomHub
- Status
- Data leaked
- Country
- Canada
- Sector
- Manufacturing
- Listed on leak site
- Mar 21, 2025
About the victim
AI dossier — public-source company profileSCP Automation is a Canadian engineering and automation firm founded in 2012, based in Lévis, Québec. They specialize in industrial process optimization, automation systems, control integration, and food processing engineering for dairy, food production, manufacturing, pharmaceutical, and petrochemical sectors. The company employs technicians and engineers providing 24/7 technical support.
- Industry
- Industrial Automation & Engineering
- Address
- Lévis, Québec, Canada
- Founded
- 2012
Attack summary
Severity: medium — Data has been published by the ransomware group (disclosed status confirmed), indicating exfiltration occurred. However, no specific sensitive data types (PII at scale, regulated health/financial data) are explicitly mentioned in the available post. The victim is a B2B industrial services firm rather than a custodian of regulated personal data, limiting severity to medium.RansomHub claims to have attacked SCP Automation and exfiltrated data. The group has published the victim listing with claimed data extraction, though specific details on data types or operational impact are not elaborated in the provided leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Technical documentation
- Client information
- Engineering designs
Original description
AI-summarised, not from the leak post"SCP Automation is a Canada-Based company dealing in automation, controls, and industrial IT. Their team of engineers and technicians specialize in the application of automation systems in a multitude of sectors including water treatment, food production, manufacturing, and energy. They aim to improve their clients' operational efficiency & productivity."
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

