Ransomware victim disclosure
← All victimsTouch Insurance (Core)
listed as core.touch-ins.co.il · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileTouch Insurance operates under the domain core.touch-ins.co.il and appears to be an Israeli insurance company or insurance services platform. Based on the domain structure, it likely provides insurance products or brokerage services to customers in Israel. No additional detail is available from the public site or leak post.
- Industry
- Insurance
Attack summary
Severity: high — The disclosure status is 'data_published', meaning exfiltrated data has been released. An insurance company in Israel would hold regulated PII, financial records, and policyholder data at scale. The Toufan group has a history of targeting Israeli entities with significant data exfiltration. Absence of specific proof count does not reduce the severity given confirmed publication.The Toufan ransomware group claims to have attacked this Israeli insurance company, with data published status indicating exfiltration and public disclosure of stolen data. No specific data types or volume were described in the captured leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Insurance customer records (inferred)
- Policyholder personal information (inferred)
- Financial/payment data (inferred)
Sources
- Victim sitecore.touch-ins.co.il/
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

