Ransomware victim disclosure
← All victimsFoccoERP
Claimed by Trinity · listed 2 years ago
Status timeline
- ListedOct 2, 2024
- Data leakeddate unknown
At a glance
- Group
- Trinity
- Status
- Data leaked
- Country
- Brazil
- Sector
- Technology
- Listed on leak site
- Oct 2, 2024
- Data size
- 300 GB
- Ransom demanded
- $20M
- Estimated revenue
- $20M
About the victim
AI dossier — public-source company profileFoccoERP is a Brazilian ERP software provider specializing in management solutions for manufacturing industries and distribution companies. The platform serves over 1,000 companies across segments including furniture, metalworking, beverages, food, and general distribution, offering integrated tools for commercial management, purchasing, sales, financials, and industrial operations.
- Industry
- Enterprise Resource Planning (ERP) Software
Attack summary
Severity: high — Confirmed exfiltration of 300 GB of database contents from a B2B software provider serving 1,000+ companies. Likely contains customer PII, financial records, and business data of downstream clients, creating cascading exposure.Trinity claims to have exfiltrated 300 GB of FoccoERP's database. The group demands $20 million and published data on 2024-11-01, indicating confirmed data exfiltration.
Data the group says was taken
AI dossier — extracted from the leak post- company database
- customer records
- financial data
- operational information
What the group claims
Data base 300 GB - Revenue: $ 20 Million - Publication date: 2024-11-01
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

