Ransomware victim disclosure
← All victimsSOLEIL
Claimed by Fog · listed 1 year ago
Status timeline
- ListedFeb 4, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileSOLEIL is a French national synchrotron radiation facility operated by the CNRS and CEA, located in the Paris-Saclay area. It provides cutting-edge research infrastructure for scientists across physics, chemistry, materials science, and biology. The facility serves thousands of researchers annually from academia and industry.
- Industry
- Scientific Research & Synchrotron Radiation Facility
- Address
- Saint-Aubin, France
- Employees
- 500-600
- Founded
- 1995
Attack summary
Severity: high — SOLEIL is critical national research infrastructure. Exfiltration of source code, research data, and development credentials from a government-backed synchrotron facility poses significant risks to operational security, intellectual property, and ongoing research projects. No ransom demand suggests data publication intent.Fog claims to have exfiltrated data from SOLEIL's systems, mentioning extraction from GitLab repositories. The group published the disclosure without explicit ransom demand, indicating data has been published or is threatened for publication.
Data the group says was taken
AI dossier — extracted from the leak post- source code repositories
- research data
- development credentials
- internal documentation
What the group claims
Extract from Gitlabs: hemio.de, SOLEIL, Devlion
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

