Ransomware victim disclosure
← All victimsESHA Research / ESHA Cloud Services
listed as eshacloudqa.com · Claimed by Stormous · listed 5 days ago
Status timeline
- ListedJun 28, 2026
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Jun 28, 2026
About the victim
AI dossier — public-source company profileESHA Research operates ESHA Cloud Services, a product development and data platform serving the food and supplement industry. The company maintains databases of formulation designs, nutritional analysis, and client consumer data.
- Industry
- Food Science & Nutritional Software
Attack summary
Severity: high — Confirmed exfiltration of significant proprietary business data (product formulations, manufacturing designs, trade secrets) combined with consumer/client PII and sensitive regulatory data (allergen records). High impact to company IP and potential regulatory exposure.Stormous claims to have breached ESHA's core product development databases and exfiltrated intellectual property including product formulations, manufacturing blueprints, laboratory data, nutritional testing records, and consumer client profiles.
Data the group says was taken
AI dossier — extracted from the leak post- Product formulations and recipes
- Manufacturing blueprints and designs
- Laboratory testing data
- Nutritional analysis records
- Allergen classification records
- Client profiles
- Consumer activity data
- Market metrics
What the group claims
We have breached ESHA Research / ESHA Cloud Services and compromised their core product development databases. The exfiltrated data includes highly confidential industry secrets and formulation data Complete intellectual property containing secret product designs, manufacturing blueprints, and recipes (SupplementFormula, PureFood, FoodGroup).Deep laboratory data, nutritional testing breakdowns, and allergen classification records (SupplementIngredient, Analysis, AllergenGroup, Sensitive registries containing client profiles, user metrics, and market consumer data (Consumer, Activity).
Sources
- Victim siteeshacloudqa.com
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

