Ransomware victim disclosure
← All victimsEWIG Group
listed as Ewig Usa · Claimed by Alphv · listed 2 years ago
Status timeline
- ListedMar 3, 2024
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Country
- China
- Sector
- Manufacturing
- Listed on leak site
- Mar 3, 2024
About the victim
AI dossier — public-source company profileEWIG Group is a Hong Kong-based electronic manufacturing company with facilities in China, specializing in printed circuit board assembly, injection molding, and consumer electronics products including smart home devices, wellness products, and IoT devices. The company has over 40 years of design and manufacturing experience and serves global customers.
- Industry
- Electronic Manufacturing & Consumer Products
- Address
- Avenida Da Praia Grande No. 619, EDF.Comercial Si Toi L6, Macau
Attack summary
Severity: medium — Data published by ransomware operator with no proof files mentioned in available excerpt; no specific sensitive data categories confirmed (e.g., PII at scale, financial records, or regulated data); operational impact unclear.ALPHV claims to have compromised EWIG Group and published data. The specific nature of the compromise (encryption, exfiltration, or both) and the data categories affected are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Manufacturing specifications
- Product designs
- Customer information
- Supply chain data
- Business records
What the group claims
Ewig Group is a one stop solution provider in electronic manufacturing to global customers. We are a Hong Kong based company with well- equipped manufacturing facilities in China.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

