Ransomware victim disclosure
← All victimsW.H. Müller GmbH & Co. KG
listed as WH Müller · Claimed by Deadlock · listed 5 days ago
Status timeline
- ListedJul 10, 2026
- Data leakeddate unknown
At a glance
- Group
- Deadlock
- Status
- Data leaked
- Country
- Germany
- Sector
- Manufacturing
- Listed on leak site
- Jul 10, 2026
About the victim
AI dossier — public-source company profileW.H. Müller is a family-owned German company founded in 1926 in Frankfurt am Main, specializing in electrical engineering (building installations, lighting systems, emergency power, telecommunications) and IT technology services (networking, antivirus solutions, systems integration). The company employs 60 staff at its headquarters in Frankfurt-Sossenheim and serves both corporate and residential customers.
- Industry
- Electrical Engineering & IT Technology Services
- Address
- Westerbachstraße 120, 65936 Frankfurt am Main, Germany
- Employees
- 60
- Founded
- 1926
Attack summary
Severity: low — No proof files or screenshots are referenced in the truncated leak post; no specific data categories or operational impact are stated; disclosure is limited to a generic claim of attack with no supporting evidence of actual data exfiltration or encryption impact.Deadlock claims to have attacked W.H. Müller and published data from the company. The leak post provides no specific detail on whether encryption, exfiltration, or both occurred, nor does it specify what data categories were compromised.
What the group claims
WH Müller is a family business in the field of electrical engineering and IT technology.
Sources
- Victim sitewww.whm.de
- Leak posthttps://www.swisstransfer.com/d/82bede2b-0f53-4644-9801-6a68a1c4a605
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

