Ransomware victim disclosure
← All victimsinterfides Steuerberatungsgesellschaft mbH
listed as interfides.de · Claimed by Werewolves · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Werewolves
- Status
- Data leaked
- Country
- Germany
- Sector
- Business Services
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileinterfides Steuerberatungsgesellschaft mbH is a German tax consulting firm founded in 1978 specializing in advising foreign entrepreneurs and companies with business activities in Germany. Based in Munich with additional presence in Berlin, they offer comprehensive tax advisory, accounting, payroll, and legal consulting services (through affiliated counsel) across international tax matters.
- Industry
- Tax Consulting & Business Advisory Services
- Address
- Elsenheimerstr. 67, 80687 München, Germany
- Founded
- 1978
Attack summary
Severity: medium — Disclosed status indicates data_published, but no proof files, ransom demand, or specific data inventory is mentioned in the provided post. Tax consulting firms handle sensitive client financial and tax information; however, without confirmation of exfiltration scope or specific regulated data categories, severity is assessed as medium rather than high.The werewolves group claims to have compromised interfides and published data. The group's post does not specify whether data was exfiltrated, encrypted, or both, nor does it detail the scope of data affected.
Data the group says was taken
AI dossier — extracted from the leak post- client records
- tax documentation
- business advisory files
- potentially PII of foreign business clients
What the group claims
interfides Steuerberatungsgesellschaft mbH was established in 1978, and specialises in providing advisory services to foreign clients with a business presence in Germany.
Sources
- Victim siteinterfides.de
- Leak posthttps://werewolves.pro/en/metalnet-nl.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

