Ransomware victim disclosure
← All victimsLivingston International
listed as Livingston · Claimed by Royal · listed 3 years ago
Status timeline
- ListedJan 17, 2023
- Data leakeddate unknown
At a glance
- Group
- Royal
- Status
- Data leaked
- Country
- Canada
- Sector
- Business Services
- Listed on leak site
- Jan 17, 2023
About the victim
AI dossier — public-source company profileLivingston International is a Canadian customs brokerage, trade consulting, and freight forwarding company operating at livingstonintl.com. It serves businesses of all sizes with border clearance, compliance, duty optimization, global trade management, and freight forwarding solutions. The company operates 24/7 and supports clients ranging from one-time shippers to large enterprise importers and exporters.
- Industry
- Customs Brokerage & Trade Services
- Employees
- 1001-5000
Attack summary
Severity: high — Data has been published (disclosed status: data_published) and includes employee PII, financial records, and internal network structure — representing confirmed exfiltration of sensitive business and potentially regulated data from a significant trade services operator.The Royal ransomware group claims to have exfiltrated data from Livingston International and has published a proof pack containing employee documents, financial records, and network structure information.
Data the group says was taken
AI dossier — extracted from the leak post- Employee documents
- Finance records
- Network structure documentation
What the group claims
PROOFPACK - Employee documents \ Finance \ Network structure
Sources
- Victim sitelivingstonintl.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

