Ransomware victim disclosure
← All victimsSTELIA North America
Claimed by Rhysida · listed 5 days ago
Status timeline
- Listed
May 16, 2026
- Data leaked
At a glance
- Group
- Rhysida
- Status
- Data leaked
- Country
- Canada
- Sector
- Aerospace and Defence
- Listed on leak site
- May 16, 2026
- Data size
- 9.3 TB
- Records
- 4324287 files
About the victim
AI dossier — public-source company profileSTELIA North America is a Canadian aerospace and defence company specialising in the design, development, and manufacturing of composite structures and components. The company works as a supplier and partner to major defence and aerospace primes including Lockheed Martin, Northrop Grumman, Sikorsky, Boeing, Airbus Atlantic, Bombardier, and others. It operates within the broader STELIA Aerospace / Airbus group ecosystem.
- Industry
- Aerospace & Defence Composites Manufacturing
Attack summary
Severity: critical — Over 9.3 TB of data has been fully published publicly, spanning a defence and aerospace manufacturer with documented ties to multiple major defence primes (Lockheed Martin, Northrop Grumman, Sikorsky, Boeing, etc.). The exfiltration and full publication of data at this scale from a defence supply-chain company constitutes a critical national-security and regulated-data exposure event, with significant potential for controlled/export-restricted technical data disclosure across multiple allied-natRhysida claims to have exfiltrated approximately 9.3 TB of confidential data comprising over 4.3 million files from STELIA North America and states that all files have been published to public access. The stolen data reportedly includes sensitive information related to major defence and aerospace partner companies such as Lockheed Martin, Northrop Grumman, Sikorsky, Leonardo, L3Harris, Airbus Atlantic, Boeing, Bombardier, De Havilland, ARDE, and MDA.
Data the group says was taken
AI dossier — extracted from the leak post- Confidential partner company data
- Lockheed Martin project/programme files
- Northrop Grumman project/programme files
- Sikorsky project/programme files
- Leonardo project/programme files
- L3Harris project/programme files
- Airbus Atlantic project/programme files
- Boeing project/programme files
- Bombardier project/programme files
- De Havilland project/programme files
- ARDE project/programme files
- MDA project/programme files
- Internal business/engineering documents (4,324,287 files total)
What the group claims
STELIA North America is an aerospace and defence company specializing in the design, development, and manufacturing of composites. Data from major partner companies including Lockheed Martin, Northrop Grumman, Sikorsky, Leonardo, L3Harris, Airbus Atlantic, Boeing, Bombardier, De Havilland, ARDE, MDA.
The leak post
captured from the group's siteSTELIA North America is an aerospace and defence company specializing in the design, development, and manufacturing of composites.10 TB of confidential data!Data from major partner companies, such as: Lockheed Martin, Northrop Grumman, Sikorsky, Leonardo, L3Harris, Airbus Atlantic, Boeing, Bombardier, De Havilland, ARDE, MDA. Data Catalog: 9,3 Tb, 4 324 287 Files All files was uploaded to public access, data hunters, enjoy [Southold Town Senior ServicesSouthold Police Department](https://www.southoldtownny.gov) The Town of Southold, New York provides various government services including forms and permits, online payments, and notifications for residents. Southold Police Department is a company that operates in the Local industry. Data Catalog: 1,7 Tb, 767 693 Files All files was uploaded to public access, data hunters, enjoy We will post news about our company hereIf you see news about us, send them to us and we will post it here Journalists, Recoveries, Fans, fill out the form and you will be contacted for collaboration Share your contact details and leave a message We'll get back to you soon (Or maybe not, depending on who you are) How you can buy BTC Buy btc in 15 minutes,e…
Data the group says was taken
- confidential data
Sources
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.