Ransomware victim disclosure
← All victimsHYPERTHERM.COM
Claimed by Clop · listed 8 months ago
Status timeline
- ListedNov 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Clop
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Nov 21, 2025
About the victim
AI dossier — public-source company profileHypertherm is a global manufacturer of advanced cutting systems including plasma, laser, and waterjet solutions, founded in 1968 and based in New Hampshire, USA. The company serves industries such as construction, shipbuilding, and manufacturing, providing cutting equipment, software (ProNest), controls, and consumables. Hypertherm is known for its employee ownership model and is marketed as the world's #1 requested plasma brand.
- Industry
- Industrial Cutting Systems & Equipment Manufacturing
- Address
- New Hampshire, USA
- Founded
- 1968
Attack summary
Severity: medium — Claimed data exfiltration by a known ransomware group (Clop) with disclosed status, but no specific proof files are enumerated, no regulated data confirmed, and no operational impact stated. Classification as medium reflects confirmed leak disclosure without detailed proof inventory or sensitive data category confirmation.The Clop ransomware group claims to have attacked Hypertherm and exfiltrated data. No specific details on encryption, operational disruption, or data types are provided in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Business data (unspecified)
- Potentially proprietary technical/design information
- Customer or operational records
Original description
AI-summarised, not from the leak postHypertherm is a global organization based in New Hampshire, USA. Founded in 1968, the company specializes in the design and manufacture of advanced cutting systems such as plasma, laser, and waterjet cutting solutions. Hypertherm products are employed in sectors like construction, shipbuilding, and manufacturing. They provide software, controls, and consumables for cutting applications. The company is also known for its employee ownership model.
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

