Ransomware victim disclosure
← All victimsÖztüğ Otomotiv & Endüstri
listed as Oztugotomotiv · Claimed by INC Ransom · listed 4 hours ago
Status timeline
- Listed
Jun 4, 2026
- Data leaked
At a glance
- Group
- INC Ransom
- Status
- Data leaked
- Country
- TR
- Listed on leak site
- Jun 4, 2026
- Data size
- 100 GB
- Records
- 20 files
About the victim
AI dossier — public-source company profileÖztüğ Otomotiv & Endüstri is a Turkish manufacturer established in 1990 in Bursa, specializing in high-precision components for automotive, industrial, defense, and aerospace sectors. The company offers design, mold manufacturing, and serial production of plastic, metal, and rubber parts, along with industrial seals and vibration dampers, operating three production facilities and employing over 300 people.
- Industry
- Automotive & Industrial Component Manufacturing
- Address
- Bursa, Turkey
- Employees
- 300+
- Founded
- 1990
Attack summary
Severity: high — Confirmed exfiltration of 100 GB of operational and business data from a significant industrial manufacturer serving defense and aerospace sectors; evidence of proof files published; company serves critical supply chains.INC Ransom claims to have exfiltrated approximately 100 GB of data from Öztüğ Otomotiv. The group published proof files demonstrating access to the company's systems.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Technical/design documentation
- Customer information
- Production records
- System data
What the group claims
Öztug Otomotiv & Endüstri is a Turkish company established in 1990 in Bursa, specializing in the production of high-precision components for the automotive, industrial, defense, and aerospace sectors. The company offers design, mold manufacturing, and serial production of plastic, metal, and rubber parts. It has over 300 employees and three production facilities.
The leak post
captured from the group's site```
{"type":true,"message":"Success: got announcements.","payload":{"length":718,"announcements":[{"_id":"6a20239dd152110a6a17aa7e","company":{"company_name":"Colina%20Financial%20Advisors","country":"BS","revenue":7900000},"categories":["Encrypted","Proof"],"description":["Colina%20Financial%20Advisors%20Limited%20(CFAL)%20is%20a%20prominent%2C%20independent%20wealth%20management%20and%20investment%20advisory%20firm%20based%20in%20Nassau%2C%20The%20Bahamas.%20Established%20in%201997%2C%20it%20serves%20as%20the%20investment%20arm%20of%20Colina%20Holdings%20Ltd..%20The%20firm%20provides%20diverse%20financial%20services%20to%20both%20individual%20and%20institutional%20clients.%0D","%0D","While%20customers%20continue%20to%20entrust%20the%20company%20with%20their%20money%2C%20senior%20executives%20are%20actively%20working%20to%20cover%20up%20a%20major%20data%20breach%20involving%20approximately%20500%20GB%20of%20highly%20confidential%20data.%0D","The%20leak%20includes%2C%20but%20is%20not%20limited%20to%3A%0D","1.%20Client%20Personally%20Identifiable%20Information%20(PII)%0D","2.%20Client%20Financial%20Profiles%20%26%20Asset%20Data%0D","3.%20Proprietary%20Business%20Intel%20%26%20System…Data the group says was taken
- Confidential documents
- Client data
- NDA
- Financial data
- Operations data
- Corporate data
- Business Agreements
- Development data
- Financial databases
- Transaction records
Screenshot of the leak post
Sources
Source
Indexed 4 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.