Ransomware victim disclosure
← All victimsInvivoGen HK
Claimed by Sinobi · listed 6 months ago
Status timeline
- ListedJan 12, 2026
- Data leakeddate unknown
At a glance
- Group
- Sinobi
- Status
- Data leaked
- Country
- Hong Kong SAR China
- Sector
- Technology
- Listed on leak site
- Jan 12, 2026
About the victim
AI dossier — public-source company profileInvivoGen HK is a Hong Kong-based entity associated with InvivoGen, a company engaged in biological research with specialisation in microbial fermentation. The company provides a range of biological molecules including ultra-pure antibiotics, mycoplasma treatments, and pattern recognition receptor agonists derived from micro-organisms. It operates in the biotechnology and life sciences sector.
- Industry
- Biotechnology & Life Sciences Research
Attack summary
Severity: high — The disclosure status is 'data_published', indicating confirmed exfiltration and publication of data from a biotechnology research company. Bio-research data, proprietary formulations, and related intellectual property constitute significant and sensitive business data. While specific regulated PII at scale is not confirmed, the nature of the sector and confirmed publication elevate severity to high.The ransomware group Sinobi claims to have attacked InvivoGen HK and has published data, suggesting exfiltration of company data. The specific data types and volume have not been detailed in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Biological research data
- Company internal documents
What the group claims
InvivoGen's conducts bio research and has unparalleled skill in microbial fermentation that enables them to provide a wide range of biological molecules, including ultra-pure antibiotics, novel mycoplasma treatments and the largest collection of pattern recognition receptor agonists derived from a wide range of micro-organisms.
Sources
Source
Indexed 6 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

