Ransomware victim disclosure
← All victimsICS Nett
listed as INNOVATION COLLABORATION SYNERGY · Claimed by Royal · listed 3 years ago
Status timeline
- ListedFeb 6, 2023
- Data leakeddate unknown
At a glance
- Group
- Royal
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Feb 6, 2023
About the victim
AI dossier — public-source company profileICS Nett (Innovation Collaboration Synergy) is a U.S.-based integrated IT and cybersecurity services provider serving the U.S. Government, including the Department of Defense and the Cyber & Intelligence community. The company offers services spanning AI/ML, zero trust cybersecurity, cloud solutions, IT infrastructure, and customer experience platforms. It also develops FinbladeAI, a sovereign enterprise AI platform aimed at government and regulated-sector clients.
- Industry
- Federal IT & Cybersecurity Services
Attack summary
Severity: critical — ICS Nett is a premier provider of integrated IT and cybersecurity services to the U.S. Department of Defense and Intelligence community; confirmed data exfiltration and publication from a defense/intelligence contractor constitutes a critical disclosure with potential national security implications and likely exposure of sensitive government-related data.The Royal ransomware group claims to have exfiltrated data from ICS Nett and has published the data (disclosed status: data_published), providing a password-protected archive as proof of possession. No ransom amount or specific data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Password-protected exfiltrated data archive
The group's post references roughly 1 proof file.
What the group claims
ICS Nett delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services and solutions for the U. S. Government, it supports the Department of Defense, Cyber & Intelligence community.Pass archive: UwxKnTbZ5LsrPSxqSPKNsTjVKWWU9jRzgTS
Sources
- Victim siteics-nett.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

