Ransomware victim disclosure
← All victimsUPS
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United States
- Sector
- Transportation/Logistics
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileUnited Parcel Service (UPS) is an American multinational logistics and courier delivery corporation headquartered in Atlanta, Georgia. Founded in 1907, UPS operates a global network delivering over 20 million packages daily to more than 220 countries and territories. The company also provides freight forwarding, supply chain management, and related business services.
- Industry
- Logistics & Courier Delivery Services
- Address
- 55 Glenlake Parkway NE, Atlanta, Georgia 30328, United States
- Employees
- 500000+
- Founded
- 1907
Attack summary
Severity: medium — The disclosure status is 'data_published', indicating some data release occurred, but the leak post contains no verifiable specifics about data type, volume, or sensitivity — it reads as AI-generated boilerplate with no concrete proof inventory or operational impact described, preventing a higher severity rating despite UPS being critical logistics infrastructure.Hunters International claims to have attacked UPS and has published data, though the leak post provides no specific detail on whether encryption or exfiltration occurred, nor does it quantify the volume or nature of the data involved.
Original description
AI-summarised, not from the leak postUnited Parcel Service (UPS) is an American multinational company that specializes in logistics, courier delivery services, and supply chain management solutions. Founded in 1907, it's headquartered in Atlanta, Georgia. With a global network, UPS delivers over 20 million packages daily to 220+ countries and territories worldwide. It also offers services like freight forwarding and supply chain designing.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

