Ransomware victim disclosure
← All victimsCERALP
Claimed by 8Base · listed 2 years ago
Status timeline
- ListedFeb 7, 2024
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileCERALP is a French professional services firm founded in 1987 providing accounting, audit, HR, and legal consulting services to businesses. With 8 chartered accountants and 100 employees across three sites in the Rhône region (Villefranche-sur-Saône, Lyon, Sainte-Foy-lès-Lyon), they serve SMEs, professionals, and groups across multiple sectors.
- Industry
- Accounting, Audit & Business Consulting
- Address
- Villefranche-sur-Saône, Lyon, Sainte-Foy-lès-Lyon, France
- Employees
- 100
- Founded
- 1987
Attack summary
Severity: high — CERALP is an accounting and audit firm with access to sensitive financial, tax, and HR data for numerous client companies. Exfiltration of such data affects client confidentiality and creates downstream risk for those clients, though no specific proof or data size is documented in the post.8Base claims to have breached CERALP and exfiltrated data. The leak post provides minimal technical details about the attack scope or data categories compromised.
Data the group says was taken
AI dossier — extracted from the leak post- Client financial records
- Audit documentation
- HR & payroll data
- Legal documents
- Business consulting files
What the group claims
For 30 years, the CRAP company, located in Beaujolais and Leon, has been carrying out regular or one-time missions throughout France.Over the years, she has acquired new partners and now has 7 accountants and auditors.ceralp.fr
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

