Ransomware victim disclosure
← All victimsSobera S.A.
listed as DLS Motors · Claimed by Avoslocker · listed 4 years ago
Status timeline
- ListedDec 26, 2022
- Data leakeddate unknown
At a glance
- Group
- Avoslocker
- Status
- Data leaked
- Country
- Paraguay
- Sector
- Automotive
- Listed on leak site
- Dec 26, 2022
- Data size
- 50 GB
About the victim
AI dossier — public-source company profileSobera S.A. is a Paraguayan automotive company that operates under the DLS Motors brand and has been active in the Paraguayan market for approximately 83 years. The company is involved in vehicle distribution and sales, contributing to employment and economic growth in Paraguay. No further details on scale or headquarters address are available from the leak post.
- Industry
- Automotive Distribution & Sales
- Founded
- 1940
Attack summary
Severity: high — 50 GB of internal files have been exfiltrated and published, representing a significant confirmed data breach of business-sensitive information from an established company, though no specific regulated/PII-at-scale or critical infrastructure impact is confirmed.AvosLocker claims to have exfiltrated 50 GB of internal files from DLS Motors (Sobera S.A.). The post indicates data has been published, suggesting exfiltration without confirmed encryption details.
Data the group says was taken
AI dossier — extracted from the leak post- Internal company files
What the group claims
We downloaded 50GB of internal files from DLS Motors. -- Just 83 years ago, the company Sobera S.A. entered the Paraguayan market, bringing new business opportunities, new projects, new sources of employment and contributing to the sustained economic growth of our country.
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

