Ransomware victim disclosure
← All victimsHellmold & Plank GmbH & Co. KG
listed as hellmold-plank.de · Claimed by Safepay · listed 6 days ago
Status timeline
- ListedJun 27, 2026
- Data leakeddate unknown
At a glance
- Group
- Safepay
- Status
- Data leaked
- Country
- Germany
- Sector
- Manufacturing
- Listed on leak site
- Jun 27, 2026
About the victim
AI dossier — public-source company profileHellmold & Plank is a logistics and transportation company founded in 1904 in Gießen, Germany. They provide full-service logistics solutions including trucking (from partial to full loads), warehousing, inventory management, and e-commerce logistics across regional and long-distance routes.
- Industry
- Logistics & Transportation Services
- Address
- Gießen, Germany
- Founded
- 1904
Attack summary
Severity: medium — Data has been published by the group (disclosed_status: data_published), but the leak post excerpt provided does not specify the scope, sensitivity, or volume of exposed data. Without evidence of regulated data (PII at scale, financial records, etc.) or operational disruption claims, this falls into the medium category for confirmed exfiltration of unspecified business data.The SafePay group claims to have accessed Hellmold & Plank's systems and published data. The specific nature of the breach (encryption, exfiltration, or both) and the data categories affected are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Operational data
- Customer information
What the group claims
Founded in 1904 by Heinrich Hellmold and Heinrich Plank, the company has evolved from a local cartage business into a …
Sources
Source
Indexed 6 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

