Ransomware victim disclosure
← All victimsIndra Group
Claimed by Thegentlemen · listed 2 days ago
Status timeline
- ListedJul 1, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- Spain
- Sector
- Technology
- Listed on leak site
- Jul 1, 2026
About the victim
AI dossier — public-source company profileIndra Group is a leading Spanish multinational technology and consulting company specializing in innovative solutions for defence, aerospace, air traffic management, smart mobility, and digital transformation. The company serves as a strategic technological partner for governments and major corporations worldwide across more than 140 countries, with over 62,000 professionals.
- Industry
- Defence, Aerospace & Air Traffic Management Technology
- Employees
- 62000
Attack summary
Severity: medium — Indra Group operates in critical sectors (defence, aerospace, air traffic control) with government and military clients, making any confirmed breach of high concern. However, the disclosed post contains no published proof files, proof screenshots, or confirmed data exfiltration details, only a listing/announcement.The group claims to have breached Indra Group but the truncated leak post provides no details on the attack method (encryption, exfiltration, or both) or specific data at stake.
What the group claims
***.com zoominfo.com/c/indra-sistemas-sa/136495916 Indra, a leading Spanish multinational technology and consulting company. It specializes in innovative solutions for defense, aerospace, air traffic management, smart mobility, and digital transformation (via its Minsait brand). The company serves as a strategic technological partner for governments and major corporations worldwide, driving modernization and security across critical sectors
Sources
- Victim siteindracompany.com
Source
Indexed 2 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

