Ransomware victim disclosure
← All victimsUFA (United Farmers of Alberta)
listed as ufa.com.lb · Claimed by Lv · listed 4 years ago
Status timeline
- ListedFeb 11, 2022
- Data leakeddate unknown
At a glance
- Group
- Lv
- Status
- Data leaked
- Country
- Lebanon
- Sector
- Business Services
- Listed on leak site
- Feb 11, 2022
About the victim
AI dossier — public-source company profileUFA (United Farmers of Alberta) is a 100% Canadian-owned and operated agricultural co-operative serving farmers and ranchers across Alberta, British Columbia, and Saskatchewan. The company operates retail stores supplying farm inputs, livestock equipment, building materials, clothing, and crop inputs, as well as a petroleum division offering fuel and lubricant products. UFA is one of Canada's largest agricultural co-operatives with hundreds of locations across western Canada.
- Industry
- Agricultural Supply & Petroleum Retail Co-operative
- Address
- Calgary, Alberta, Canada
- Employees
- 1001-5000
- Founded
- 1909
Attack summary
Severity: high — Data is marked as published ('data_published') by the ransomware group against a large agricultural co-operative handling customer PII, financial/transactional records, and potentially fuel/agricultural supply chain data across multiple Canadian provinces. Even absent a detailed leak post, confirmed publication of data from an organisation of this scale and sector warrants a high severity rating.The Lv ransomware group claims an attack on UFA (ufa.com.lb/ufa.com) and has published data. No specific details regarding encryption, exfiltration volumes, or data categories were captured in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Unknown — leak post not captured
Sources
- Victim siteufa.com
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

