Ransomware victim disclosure
← All victimsLeekes Ltd
Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedSep 24, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Retail & Consumer
- Listed on leak site
- Sep 24, 2023
About the victim
AI dossier — public-source company profileLeekes Ltd is a Welsh family retailer founded in 1897, operating five to seven stores across South Wales, South West England, and the Midlands. The company sells furniture, bathrooms, kitchens, bedrooms, home accessories, garden products, and DIY supplies. It trades both in-store and online via leekes.co.uk.
- Industry
- Home Furnishings & Retail
- Address
- South Wales / South West England / The Midlands, United Kingdom
- Employees
- 51-200
- Founded
- 1897
Attack summary
Severity: high — Data is confirmed published by the ransomware group, indicating successful exfiltration of business data from a retail company that holds customer PII and financial records; while not a critical-sector target, the confirmed data publication elevates severity to high.NoEscape claims to have attacked Leekes Ltd and the disclosure status is marked as data_published, indicating exfiltration and publication of company data. The specific data types and volume were not detailed in the truncated post.
Data the group says was taken
AI dossier — extracted from the leak post- Customer records
- Employee data
- Financial documents
- Business operational data
What the group claims
Leekes Ltd is a Welsh retailer based in South Wales, South West England and The Midlands. The company was founded in 1897, and currently has seven operating stores. The com...
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

