Ransomware victim disclosure
← All victimsHighWire Press
Claimed by Hellcat · listed 1 year ago
Status timeline
- ListedApr 5, 2025
- Data leakeddate unknown
At a glance
- Group
- Hellcat
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Apr 5, 2025
About the victim
AI dossier — public-source company profileHighWire Press is a digital publishing platform provider founded in 1995 and born out of Stanford University. It serves the global scholarly publishing community with end-to-end solutions spanning manuscript submission, peer review, content hosting, publication, and analytics. The company powers over 60 million monthly users and processes 200 million key activities monthly across academic journals, preprints, and books.
- Industry
- Scholarly Publishing Technology & Digital Services
- Founded
- 1995
Attack summary
Severity: high — Confirmed exfiltration of internal documents and communications from a critical infrastructure provider serving the global scholarly publishing ecosystem. Potential secondary impact on numerous publishing partners and academic institutions dependent on the platform.Hellcat claims to have exfiltrated sensitive data from HighWire Press, including internal documents and communications. The group states the breach could impact both HighWire and its publishing partners.
Data the group says was taken
AI dossier — extracted from the leak post- internal documents
- communications
- publishing partner materials
What the group claims
Jiraware <<3 !! We hold sensitive data from HighWire Press, a leading platform serving scholarly publishers. The data includes internal documents, communications, and materials that could impact both HighWire and its publishing partners.
Sources
- Victim sitehighwirepress.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

