Ransomware victim disclosure
← All victimsWine Works Australia
Claimed by Direwolf · listed 11 months ago
Status timeline
- ListedAug 25, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileWine Works Australia is a wine sales and marketing company based in Australia that represents local and international wineries in export markets. The company assists wineries in starting or expanding their export operations by leveraging knowledge of wine and international markets to develop sales strategies. It focuses on building sustainable and profitable relationships with business partners across different regions.
- Industry
- Wine Sales & Export Marketing
Attack summary
Severity: medium — The disclosure status is 'data_published', indicating some data has been released, but there is no detail on the type, volume, or sensitivity of the data exposed. No ransom amount, data size, or proof count is stated, and the leak post description appears AI-generated with no specific evidence claims, limiting severity assessment to medium.The direwolf ransomware group claims to have attacked Wine Works Australia and has published data related to the company. The specific nature of the attack (encryption, exfiltration, or both) and the volume of data involved are not detailed in the leak post.
Original description
AI-summarised, not from the leak postWine Works Australia is a wine sales and marketing company that represents local and international wineries in export markets. They focus on establishing sustainable and profitable relationships with business partners. The company uses its extensive knowledge of wine and international markets to develop effective strategies to drive wine sales in different regions. They offer services to wineries seeking to start or expand their export operations.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

