Ransomware victim disclosure
← All victimsManutan
Claimed by Doppelpaymer · listed 5 years ago
Status timeline
- ListedFeb 21, 2021
- Data leakeddate unknown
At a glance
- Group
- Doppelpaymer
- Status
- Data leaked
- Country
- France
- Sector
- Critical Manufacturing
- Listed on leak site
- Feb 21, 2021
About the victim
AI dossier — public-source company profileManutan is a French B2B distributor specialising in office furniture and supplies, warehouse equipment, industrial tools, and packaging materials, operating primarily across Europe. The company sells through e-commerce and catalogue channels to businesses and public-sector clients. Headquartered in Gonesse, France, Manutan serves hundreds of thousands of customers across more than 25 countries.
- Industry
- B2B Industrial & Office Supplies Distribution
- Employees
- 1001-5000
- Founded
- 1966
Attack summary
Severity: high — Data has been published (disclosed status: data_published) by DoppelPaymer, a group known for double-extortion involving exfiltration prior to publication; Manutan is a large pan-European distributor likely holding significant volumes of business, customer, and financial data, making published exfiltration a high-severity event even without explicit data-size figures.DoppelPaymer claims to have attacked Manutan and has published data from the victim, indicating exfiltration of company data; no specific ransom amount was stated and no further detail on encryption or data volume is available from the captured post.
Data the group says was taken
AI dossier — extracted from the leak post- Business data (unspecified)
- Potentially internal company documents
- Potentially customer/supplier records
Sources
- Victim siteManutan.fr
Source
Indexed 5 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

