Ransomware victim disclosure
← All victimsINFINITI USA
listed as INFINITIUSA.COM · Claimed by Mogilevich · listed 2 years ago
Status timeline
- ListedFeb 20, 2024
- Data leakeddate unknown
At a glance
- Group
- Mogilevich
- Status
- Data leaked
- Country
- United States
- Sector
- Transportation/Logistics
- Listed on leak site
- Feb 20, 2024
- Data size
- 22 GB
About the victim
AI dossier — public-source company profileINFINITI USA is the North American luxury vehicle division, offering premium SUVs, crossovers, and sedans (QX60, QX80, Q50, Q60 models). The company operates a retailer network and provides financing, maintenance, and ownership services through their digital platform.
- Industry
- Luxury Motor Vehicle Manufacturing & Sales
Attack summary
Severity: critical — Confirmed exfiltration of 22 GB containing PII at scale (names, addresses, phone, email, passwords) plus operational automotive data (VINs); posted for sale; affects a major automotive retail operation with nationwide customer base.Mogilevich claims to have breached INFINITI USA's systems and exfiltrated 22 GB of customer and operational data including VINs, names, addresses, contact information, and credentials. The group announced the data is for sale with a deadline of 2.25.24.
Data the group says was taken
AI dossier — extracted from the leak post- Vehicle Identification Numbers (VINs)
- Customer names
- Physical addresses
- Zip codes and cities
- Phone numbers and mobile provider details
- Email addresses
- Passwords
What the group claims
We successfully breached InfinitiUSA's system. Category: Motor Vehicle Manufacturing, Motor Vehicles, Manufacturing Data compromised: vin, first name, last name, address, zip, city, state, mobile, mobile provider, email and password Size: 22GB Data is also for sale! Deadline: 2.25.24 If you are an employee of the company or someone who would like to buy the data, click on me
Sources
- Victim siteinfinitiusa.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

