Ransomware victim disclosure
← All victimsaercap.com
Claimed by Slug · listed 2 years ago
Status timeline
- ListedJan 18, 2024
- Data leakeddate unknown
At a glance
- Group
- Slug
- Status
- Data leaked
- Country
- Ireland
- Sector
- Transportation/Logistics
- Listed on leak site
- Jan 18, 2024
About the victim
AI dossier — public-source company profileAerCap Holdings N.V. is the world's largest owner of commercial aircraft and leader in aviation leasing, headquartered in Dublin with regional offices across the US, Europe, Asia and the Middle East. The company leases aircraft, engines, and helicopters to ~300 airline customers globally, with a fleet of 1,611 aircraft, >1,200 engines, and >300 helicopters as of Q1 2026.
- Industry
- Aviation Leasing
- Address
- Dublin, Ireland
Attack summary
Severity: high — AerCap is a major publicly-listed company ($71B in assets, $18B equity) operating critical aviation infrastructure. Confirmed disclosure of data by a ransomware group against a target of this scale and sensitivity (airline operations, contracts, potentially PII of executives and customers) constitutes a significant breach, even without detailed proof inventory or ransom amount disclosed.The Slug group claims to have attacked AerCap and exfiltrated data. No specific details on encryption, operational disruption, or data categories are provided in the disclosed excerpt.
What the group claims
About aercap: Our commitment to excellence is manifested by our comprehensive, innovative and tailor-made solutions that are unrivaled in the leasing industry. We are the worldâs largest owners of commercial aircraft and leader in aviation leasing, providing airlines with long-term access to the most in-demand passenger and cargo aircraft, engines and helicopters.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

