Ransomware victim disclosure
← All victimsAFTA Isfahan
Claimed by Arvinclub · listed 3 years ago
Status timeline
- ListedAug 3, 2023
- Data leakeddate unknown
At a glance
- Group
- Arvinclub
- Status
- Data leaked
- Country
- Iran
- Sector
- Government
- Listed on leak site
- Aug 3, 2023
About the victim
AI dossier — public-source company profileAFTA Isfahan appears to be a regional office or entity associated with Iran's Information Technology Organization (ITO), operating under ito.gov.ir. AFTA is a Persian acronym linked to Iran's Agency for the Development of Information Technology and digital infrastructure governance. It likely serves as a provincial ICT authority or affiliated body in Isfahan, Iran.
- Industry
- Government – ICT & Technology Regulation
Attack summary
Severity: high — The victim is a government-affiliated ICT regulatory entity in Iran with data_published status, indicating confirmed exfiltration and public release of government data. Even without a detailed inventory, published government data typically carries high sensitivity including personnel records, infrastructure details, or administrative data.The group Arvinclub claims to have published data belonging to AFTA Isfahan; the disclosure status is marked as data_published, indicating exfiltration and release of data, though no specific details on encryption or data contents were captured in the leak post.
Sources
- Victim siteito.gov.ir/fa/afta
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

