Ransomware victim disclosure
← All victimsExcalibur Rentals
Claimed by Akira · listed 8 days ago
Status timeline
- ListedJul 7, 2026
- Data leakeddate unknown
At a glance
- Group
- Akira
- Status
- Data leaked
- Sector
- Consumer Services
- Listed on leak site
- Jul 7, 2026
About the victim
AI dossier — public-source company profileExcalibur Rentals is an equipment rental company providing boom lifts, telehandlers, light towers, and related machinery to support construction and industrial work. The company serves clients needing temporary equipment solutions.
- Industry
- Equipment Rental Services
Attack summary
Severity: high — Confirmed exfiltration of sensitive PII at scale (employee SSNs, addresses) combined with financial and customer data. Large data volume (45 GB) and stated intent to publish elevates risk despite no proof files yet advertised.The AKIRA group claims to have exfiltrated approximately 45 GB of corporate data including employee personal information, contracts, financial records, and customer data. The group has announced intent to publish the stolen data.
Data the group says was taken
AI dossier — extracted from the leak post- employee personal information (names, addresses, SSNs)
- contracts and agreements
- financial records
- customer information
What the group claims
Excalibur Rentals is dedicated to providing reliable rental equipment services, ensuring that c lients can complete their jobs safely, on time, and within budget. They offer a range of equipm ent including boom lifts, telehandlers, and light towers. We will upload 45gb of corporate data soon. Employee personal information (name, addresses, SSN s and so on), contracts and agreements, a bit of financials, customers info, etc.
Source
Indexed 8 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

