Ransomware victim disclosure
← All victimsWatchfinder & Co
Claimed by Everest · listed 1 year ago
Status timeline
- ListedJul 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Consumer Services
- Listed on leak site
- Jul 23, 2025
About the victim
AI dossier — public-source company profileWatchfinder & Co is a UK-based retailer of pre-owned luxury wristwatches, founded in 2002. The company operates both e-commerce and physical showrooms, specializing in authenticated and refurbished premium timepieces from brands including Rolex, Cartier, and Omega.
- Industry
- Luxury Goods & Jewelry - Pre-owned Watches
- Founded
- 2002
Attack summary
Severity: medium — Data has been published by the threat actor, indicating confirmed exfiltration. However, the specific nature, volume, and sensitivity of the compromised data are not detailed in the available post excerpt, preventing a higher severity classification.The Everest group claims to have compromised Watchfinder & Co and published exfiltrated data. Specific details on the scope of data exfiltration or operational impact are not provided in the available post excerpt.
Original description
AI-summarised, not from the leak postWatchfinder & Co, founded in 2002 in the UK, is a leading retailer of pre-owned luxury wristwatches. It offers a wide range of premium brands like Rolex, Cartier, Omega, and many more. Pioneers in their field, they combine e-commerce capabilities with numerous physical stores and showrooms. The firm focuses on authenticity, providing thorough inspection and refurbishment processes for used watches.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

