Ransomware victim disclosure
← All victimsETS PUZIO
listed as puzio-saunierduval.fr · Claimed by LockBit · listed 7 months ago
Status timeline
- ListedDec 26, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileETS PUZIO is a small, independent heating specialist based in Chelles, France, operating since 1973. The company specialises in the installation, commissioning, maintenance, and after-sales service of individual gas boilers and related heating systems. It holds Saunier Duval 'Partenaire Fil Rouge' accreditation and serves customers within a 30 km radius of Chelles.
- Industry
- Heating & HVAC Installation and Maintenance
- Address
- 28 rue du Valengelier, 77500 Chelles, France
- Employees
- 1-10
- Founded
- 1973
Attack summary
Severity: medium — Data has been published by LockBit, confirming exfiltration, but the victim is a very small local trades business with limited scale of sensitive regulated data; no evidence of large-scale PII, medical, or financial data at critical volume.LockBit claims to have attacked ETS PUZIO and the disclosed status indicates data has been published, suggesting exfiltration and/or encryption of company data. No ransom amount or specific data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Customer contact records
- Service and maintenance contracts
- Business correspondence
- Financial/invoicing records
- Employee information
What the group claims
Notre entreprise ETS PUZIO à CHELLES Chauffagiste à Chelles depuis 1973, nous sommes spécialiste de...
Sources
- Victim sitepuzio-saunierduval.fr
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

