Ransomware victim disclosure
← All victimsP&S GmbH & Co. KG
listed as Pus Gmbh · Claimed by Morpheus · listed 2 years ago
Status timeline
- ListedJan 7, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileP&S GmbH & Co. KG is a German software and hardware manufacturer specializing in time tracking and employee time management solutions. Based in Gera, Thuringia, the company develops TiMaS, a comprehensive time capture system serving over 16,000 companies across multiple deployment methods (mobile app, terminals, PC-based). The company has 29+ years of market experience.
- Industry
- Time Management & Employee Tracking Software
- Address
- Hainstraße 13, 07545 Gera, Thüringen, Germany
Attack summary
Severity: high — Confirmed data exfiltration from a B2B software vendor with access to employee time/payroll data of 16,000+ downstream customers. Potential indirect exposure of sensitive workforce information across client base. High ransom demand ($5M) indicates significant data volume.The morpheus group claims to have breached P&S GmbH & Co. KG and exfiltrated data. The group demands $5 million ransom. The specific nature of exfiltrated data and operational impact are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Customer databases
- Employee records
- Business documents
- System configurations
What the group claims
**Website**: pus-gmbh.eu **Revenue**: $5 Million The P&S GmbH & Co. KG has specialized as a manufacturer of electronic products and solutions for the time management. Time management includes time r
Sources
- Victim sitepus-gmbh.eu
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

