Ransomware victim disclosure
← All victimssoundinsurance.ca
Claimed by Braincipher · listed 3 months ago
Status timeline
- ListedMay 1, 2026
- Data leakeddate unknown
At a glance
- Group
- Braincipher
- Status
- Data leaked
- Country
- Canada
- Sector
- Financial Services
- Listed on leak site
- May 1, 2026
About the victim
AI dossier — public-source company profileSound Insurance Services Inc. is a Canadian insurance brokerage operating for over 80 years, headquartered at 205 Lesmill Rd, North York, Ontario. The company offers a broad range of personal and commercial insurance products including home, auto, motorcycle, commercial property, and aviation insurance, working with more than 40 insurers. It also operates a dedicated aviation insurance division covering commercial, personal, glider, hot air balloon, and UAV/drone programs.
- Industry
- Insurance Brokerage
- Address
- 205 Lesmill Rd, North York, ON M3B 2V1, Canada
Attack summary
Severity: critical — Over 1 TB of data has been published by the group (data_published status confirmed) from a regulated financial services / insurance brokerage, which likely contains significant volumes of policyholder PII, financial records, and sensitive commercial insurance data subject to Canadian privacy regulation (PIPEDA).BrainCipher claims to have exfiltrated more than 1 TB of data from Sound Insurance Services Inc. and has published multiple onion download links indicating the data has been fully released.
Data the group says was taken
AI dossier — extracted from the leak post- Insurance brokerage client records
- Commercial insurance data
- Aviation insurance records
- Internal business documents
- Employee/HR data (potential)
The group's post references roughly 10 proof files.
Original description
AI-summarised, not from the leak postN/A
The leak post
captured from the group's siteWe have more 1TB of data. If you think you are here by mistake, please contact us at [email protected] ⏳ 12d 8h 29m 41s remaining Download: 3fg2gfwrdks46drwvejpgpak5klrflclsjjo35dxtqfk3poeez6oezad.onion If you think you are here by mistake, please contact us at [email protected] Download: emdnfl2fv32jhssxcbxlo6dzg2at4d7qbw2md6inz63qzdfgyln5cwyd.onion If you think you are here by mistake, please contact us at [email protected] Download: a4vbe7yp4kluped6khuhpr5nmzshiimx2jt5j22ozriiq6ngsm3fcpyd.onion If you think you are here by mistake, please contact us at [email protected] Download: x3nb7qcygpem2j5xzstyzdtgzofzkwkx4eko3ug4r73i6uhcgvyffjyd.onion If you think you are here by mistake, please contact us at [email protected] Download: 3frnhzcnlkjnw5q3tm6elzizinm2k3bmrtf2xwqjzpcxzeqwn2tv6wyd.onion If you think you are here by mistake, please contact us at [email protected] Download: 6ft2dfh26wm3w44orpjcgviutvfp25ez2iyh5ego5egvfmifrws7vvqd.onion If you think you are here by mistake, please contact us at [email protected] Download: zijgmuqjzb6dc7pofxhtaiz36qqyg35lhutybmzaz6whzgei2casjgid.onion If you think…
Sources
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

