Ransomware victim disclosure
← All victimsAMAKS Sity-otel Krasnoyarsk
listed as krasnoyarsk.amaks · Claimed by Lv · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Lv
- Status
- Data leaked
- Country
- Russia
- Sector
- Hospitality
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileAMAKS Sity-otel Krasnoyarsk is a 15-storey business-class hotel part of the AMAKS Hotels & Resorts chain. Located in Krasnoyarsk, Russia, it operates as a modern hotel complex offering hospitality services.
- Industry
- Hospitality – Hotels & Resorts
Attack summary
Severity: high — Confirmed exfiltration of over 1 TB of customer data from a hospitality operator; data is stated as published or prepared for publication. Hotels typically hold PII including names, contact details, payment information, and booking histories at scale.The Lv group claims to have exfiltrated over 1 terabyte of customer data from the hotel's systems, citing poor data protection despite centralized antivirus management. The group threatens to publish the data on Tor mirrors.
Data the group says was taken
AI dossier — extracted from the leak post- customer records
- guest personal data
- business information
What the group claims
«АМАКС Сити-отель» - современный пятнадцатиэтажный бизнес-комплекс, который входит в гостиничную сеть AMAKS Hotels&Resorts.У отеля проблемы с информационной безопасностью.Не смотря на то,что в целом присутствует централизованная политика управления антивирусным решением на хостах,данные клиентов не защищены.Более 1 террабайта данных будут опубликованы для всех желающих на зеркалах в сети TOR.
Sources
- Victim sitekrasnoyarsk.amaks
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

