Ransomware victim disclosure
← All victimsFKS Group
Claimed by Sarcoma · listed 1 year ago
Status timeline
- ListedApr 8, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileFKS Group is a South-East Asian holding company with significant interests in food production, logistics, infrastructure, and property development. The group operates through multiple subsidiaries across the region, with a stated focus on agricultural businesses, sugar refineries, infrastructure projects, and real estate development.
- Industry
- Holding Company; Food, Infrastructure & Property Development
Attack summary
Severity: high — Confirmed exfiltration of 177 GB of data from a large multi-sector holding company with regional operations; likely includes sensitive business, financial, and operational data across food, infrastructure, and property divisions.Sarcoma ransomware group claims to have exfiltrated 177 GB of data from FKS Group. The post indicates data publication but provides no specific details on encryption, operational disruption, or data categories beyond the archive size.
Data the group says was taken
AI dossier — extracted from the leak post- Business documents
- Financial records
- Operational files
What the group claims
FKS Group FKS Group is a South-East Asian holding company focused on food, infrastructure and property. Its companies combine a strong commitment to logistics and infrastructure with deep domestic and international understanding to realize the potential of businesses and people across the region. FKS Group strives to exceed stakeholders’ expectation and investment by ensuring a continued growth of the Group and developing employee’s competencies. The Group’s significant interests in agriculture, sugar refineries, infrastructure and property developments are managed by the subsidiaries.Geo: Singapore - Leak size: 177 GB Archive - Contains: Files
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

