Ransomware victim disclosure
← All victimsGoldhorse Capital Management
Claimed by Beast · listed 8 months ago
Status timeline
- ListedNov 13, 2025
- Data leakeddate unknown
At a glance
- Group
- Beast
- Status
- Data leaked
- Country
- Switzerland
- Sector
- Financial Services
- Listed on leak site
- Nov 13, 2025
About the victim
AI dossier — public-source company profileGoldhorse Capital Management (HK) Limited is a Hong Kong-based financial services firm licensed by the Securities and Futures Commission of Hong Kong (CE No. BDR769) for Type 1 (dealing in securities) and Type 4 (advising on securities) regulated activities. The firm specialises in structured products and securities advisory services. It operates primarily in the Hong Kong market under SFC regulation.
- Industry
- Structured Products & Securities Advisory
- Address
- Hong Kong
Attack summary
Severity: high — Goldhorse is a regulated securities and structured-products firm; exfiltration and publication of data from a licensed financial institution is likely to include sensitive client, financial, or regulatory records, constituting significant business and potentially regulated data exposure.The Beast ransomware group claims to have published data belonging to Goldhorse Capital Management; the leak post content appears mismatched (referencing AJU Pharm Co., Ltd.), but the disclosed status is listed as data_published, suggesting exfiltrated data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- Published exfiltrated data (nature unspecified)
What the group claims
The company's customers' personal data, databases, and source code have been stolen. If the company does not respond within 24 hours, this data will be published.
The leak post
captured from the group's siteAJU Pharm Co., Ltd. is a prominent South Korean total healthcare company founded in 1953. For over 70 years, it has evolved from a manufacturer of raw materials into a global pharmaceutical group specializing in prescription drugs, medical devices, and health supplements P U B L I S H E D
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

