Ransomware victim disclosure
← All victimsIKP
Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedSep 20, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- Austria
- Sector
- Technology
- Listed on leak site
- Sep 20, 2023
About the victim
AI dossier — public-source company profileikp is one of Austria's leading communications agencies, operating from four locations across Austria (Vienna, Salzburg, Vorarlberg, and Graz). The agency offers full-service PR services including strategy, content, and channel management, covering classic media work, digital communication, crisis communication, and sustainability communications. It ranks third among the highest-revenue PR agencies in Austria according to the 2026 Horizont PR Agency Ranking.
- Industry
- Public Relations & Communications Agency
- Address
- Kirchengasse 7/18, 1070 Wien, Austria
- Employees
- 40
Attack summary
Severity: high — Data has been published by the ransomware group, confirming exfiltration of significant business data from a PR agency that handles sensitive client communications and strategic corporate information. While not regulated health or government data, the published status and the sensitive nature of client communications at a leading PR firm represent significant business and reputational harm.NoEscape claims to have attacked ikp and has published data (disclosed status: data_published), suggesting both exfiltration and likely encryption occurred. The specific data types and volume have not been detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Client communications data
- Internal business documents
- Employee information
- PR campaign materials
- Contact and correspondence records
What the group claims
Three letters with a big impact – ikp is one of the leading communications agencies in Austria and has won many awards. From classic media work to digital communication – w...
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

