Ransomware victim disclosure
← All victimsTecnocurva
listed as tecnocurva.com.br · Claimed by Incransom · listed 8 days ago
Status timeline
- ListedJul 7, 2026
- Data leakeddate unknown
At a glance
- Group
- Incransom
- Status
- Data leaked
- Country
- Brazil
- Sector
- Technology
- Listed on leak site
- Jul 7, 2026
About the victim
AI dossier — public-source company profileTecnocurva is a Brazilian manufacturer specializing in curved, welded, and stamped tubular assemblies for the automotive, heavy equipment, and agricultural machinery sectors. The company produces structural pipes, exhaust systems, and stamped components to high technical standards.
- Industry
- Automotive Manufacturing & Metalworking
Attack summary
Severity: medium — Data has been published by the threat actor, indicating confirmed exfiltration. However, no specific sensitive data categories (PII, financial, trade secrets) are detailed in the available post, and no proof files/screenshots are described.Incransom group claims to have attacked Tecnocurva and exfiltrated company data. The group has published the data, though no specific details about the scope or content are provided in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer information
- operational data
What the group claims
Company operating in the automotive sector. Heavy and agricultural segment. Forming of tubes and welded assemblies. Tecnocurva manufactures curved, welded, and stamped tubular assemblies, structural and exhaust pipes, and stamped parts with high technical standards and a total focus on performance.
Sources
Source
Indexed 8 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

