Ransomware victim disclosure
← All victimsatol.ru
Claimed by Werewolves · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Werewolves
- Status
- Data leaked
- Country
- Russia
- Sector
- Technology
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileАТОЛ (ATOL) is a leading Russian IT company and manufacturer of hardware and software solutions for automation across retail, e-commerce, services (including HoReCa), transport, and utilities management. The company operates АТОЛ Онлайн (ATOL Online), claimed to be Russia's largest cloud-based POS-as-a-Service (KaaS) platform by market share, and also supplies POS equipment and warehouse automation solutions.
- Industry
- Point-of-Sale Systems & Retail Automation Software
Attack summary
Severity: critical — Confirmed exfiltration of customer PII and operational software from a major Russian financial/retail infrastructure provider (POS and KaaS platform serving thousands of merchants). Exposure of customer and employee personal data at scale constitutes regulated data breach.The threat actor claims to have compromised database servers and exfiltrated customer data, software source code, and personal data of employees or users. A ransom demand of $450,000 is stated for non-publication and deletion of the compromised information.
Data the group says was taken
AI dossier — extracted from the leak post- customer data
- personal data (employees/users)
- software/source code
- database contents
What the group claims
АТОЛ – IT-компания, ведущий российский производитель оборудования и разработчик программного обеспечения для автоматизации таких сфер как ритейл, e-commerce, услуги, включая HoReCa, транспорт, ЖКХ и многое другое.Облачный сервис компании, «АТОЛ Онлайн», является первым и одним из самых крупных в РФ среди KaaS-решений («касса как сервис») по занимаемой доле рынка. Также АТОЛ поставляет POS-оборудование и решения для автоматизации склада. Сервера баз данных скомпрометированы.Данные клиентов,программное обеспечение,персональные данные похищены.Стоимость не публикации и удаления всей скомпрометрованной информации составляет 450000$.
Sources
- Victim siteatol.ru
- Leak posthttps://werewolves.pro/en/hotel.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

