Ransomware victim disclosure
← All victimsSelex - Gruppo Commerciale
Claimed by Incransom · listed 3 months ago
Status timeline
- ListedApr 27, 2026
- Data leakeddate unknown
At a glance
- Group
- Incransom
- Status
- Data leaked
- Country
- Italy
- Sector
- Consumer Services
- Listed on leak site
- Apr 27, 2026
About the victim
AI dossier — public-source company profileSelex - Gruppo Commerciale is a leading grocery retail and distribution group operating in Italy. It functions as a cooperative commercial group serving supermarkets and related outlets across the country. The group manages supply chains, product distribution, and retail operations for its member businesses.
- Industry
- Grocery Retail & Distribution
Attack summary
Severity: critical — Confirmed exfiltration of ~1 TB of data including PII at scale (employees and customers), financial/payroll records, login credentials, and sensitive business data, with the data described as already published.The incransom group claims to have exfiltrated approximately 1 terabyte of sensitive data from Selex, including employee PII, financial records, customer and partner information, and internal databases containing credentials, tokens, product/supplier data, and BPM/workflow systems; data is described as published.
Data the group says was taken
AI dossier — extracted from the leak post- Employee personal information (names, addresses)
- Employee payroll and financial records
- Customer personal and transaction data
- Business partner and contractual information
- Intellectual property and project plans
- Confidential development documents
- Production source data
- Product and supplier databases
- Login credentials and authentication tokens
- Workflow engine and BPM system data
What the group claims
Selex Group Announces Cyber Attack and Data Breach Today We confirm that Selex, a leading grocery retailer and distributor in Italy, has fallen victim to a large-scale cyber attack. The breach, which occurred in recent days, has compromised approximately 1 terabyte of sensitive data, including both production and development sources, as well as the personal and financial information of employees, customers, and partners. It is estimated that the attack affected a significant amount of critical company data, including: Production and Development Sources: Intellectual property, project plans, and confidential development documents. Personal and Financial Data: Sensitive personal information, including names, addresses, financial records, and employee payroll details. Customer and Partner Information: Data related to Selex’s customer base and business partners, including transaction history and contractual agreements. Moreover, We dumped databases include: products, suppliers, specifications, login credentials, tokens, workflow engine, production data, and BPM system.
Sources
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

