Ransomware victim disclosure
← All victimsINTERNET AG
Claimed by Thegentlemen · listed 4 days ago
Status timeline
- ListedJul 11, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- Jul 11, 2026
About the victim
AI dossier — public-source company profileINTERNET AG is a German IT service provider specializing in hosting, server solutions, and data center operations. They offer managed services, virtual servers, enterprise storage, network connectivity, and infrastructure management with facilities in Frankfurt and Amsterdam, serving corporate clients requiring high-availability infrastructure.
- Industry
- Web Hosting & Data Center Services
- Address
- Frankfurt am Main, Germany (multiple data center locations: Wiesenhüttenplatz 26, Rebstöcker Str. 55, Hanauer Landstr. 304, plus Amsterdam and Equinix FR5 Frankfurt)
Attack summary
Severity: medium — Data published status confirmed, but post lacks explicit details on data type, volume, or sensitivity. As a hosting provider, compromise could expose customer infrastructure data and configurations; however, no regulatory data (PII, financial, medical) explicitly mentioned. Operational impact to customers unclear.The threat actor claims to have compromised INTERNET AG and published data. The post does not explicitly state whether data was exfiltrated, encrypted, or both, nor does it detail specific data categories affected.
Data the group says was taken
AI dossier — extracted from the leak post- Customer infrastructure data
- Server configuration information
- Network connectivity details
What the group claims
***.de zoominfo.com/c/inet/429716454 INTERNET AG is a professional German IT service provider specializing in reliable, sustainable, and flexible hosting and server solutions. The company delivers customized IT infrastructures, managed services, and global network connectivity tailored to complex business needs. Alongside its partner INTERNIC GmbH, it offers comprehensive enterprise software and secure digital operations for corporate clients
Sources
- Victim siteinet.de
Source
Indexed 4 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

