Ransomware victim disclosure
← All victimsfractal
Claimed by Stormous · listed 2 months ago
Status timeline
- ListedMay 2, 2026
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- Indonesia
- Sector
- Technology
- Listed on leak site
- May 2, 2026
About the victim
AI dossier — public-source company profileFractal (fractal.id) is an Indonesian technology company operating a digital identity and compliance platform, accessible via web.fractal.id. The company appears to provide KYC (Know Your Customer) and identity verification services. Specific scale and founding details are not available from the provided information.
- Industry
- Financial Technology & Digital Identity
Attack summary
Severity: high — Fractal operates a digital identity and KYC platform, meaning any confirmed data publication likely involves regulated PII (identity documents, personal verification data) at scale; data has been marked as published, elevating severity beyond medium even without explicit volume figures.The Stormous ransomware group claims to have compromised Fractal and has published data ('data_published' status), though the specific nature of the attack (encryption, exfiltration, or both) and the volume of data are not detailed in the truncated post.
Data the group says was taken
AI dossier — extracted from the leak post- Identity verification records
- KYC data
- User personal information
What the group claims
web.fractal.id/
Sources
- Victim sitefractal.id
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

