Ransomware victim disclosure
← All victimsOMF International
listed as omf.org · Claimed by LockBit · listed 7 months ago
Status timeline
- ListedDec 26, 2025
- Data leakeddate unknown
At a glance
- Group
- LockBit
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Dec 26, 2025
About the victim
AI dossier — public-source company profileOMF International is a global fellowship of Christians focused on missionary work among East Asian peoples. The organisation partners with over 2,500 workers from more than 40 nations to serve over 100 East Asian people groups. It supports church growth, community service, and gospel outreach across East Asia and among diaspora communities worldwide.
- Industry
- Non-profit Christian Mission Organisation
- Employees
- 501-1000
- Founded
- 1865
Attack summary
Severity: high — Data has been published by the threat actor, confirming exfiltration. The organisation handles PII for thousands of international workers and donors across 40+ nations, and likely holds sensitive personal, financial, and location data for missionaries operating in high-risk regions (including China and other restricted countries), which elevates potential harm significantly.LockBit claims to have compromised OMF International and has published data (disclosed status: data_published), suggesting exfiltration of organisational data, though specific data categories and volumes were not detailed in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Organisational records
- Staff/worker personal information
- Donor records
- Financial data
- Missionary deployment records
- Internal communications
What the group claims
OMF is a global fellowship of Christians with a heart for East Asia. We are passionate to demonstra...
Sources
- Victim siteomf.org
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

