Ransomware victim disclosure
← All victimsMakoLab S.A.
listed as MakoLab · Claimed by Thegentlemen · listed 2 days ago
Status timeline
- ListedJul 1, 2026
- Data leakeddate unknown
At a glance
- Group
- Thegentlemen
- Status
- Data leaked
- Country
- Poland
- Sector
- Technology
- Listed on leak site
- Jul 1, 2026
About the victim
AI dossier — public-source company profileMakoLab is a Polish digital solutions and IT consulting firm founded in 2008, specializing in digital transformation, custom software engineering, artificial intelligence, and human-centric design. The company provides comprehensive business and technology consulting, product design, and 24/7 global operations support to enterprise clients worldwide.
- Industry
- IT Consulting & Custom Software Development
- Founded
- 2008
Attack summary
Severity: medium — Data has been published by the threat actor (disclosed status: data_published), and the company is a technology/consulting firm likely holding client and project data of moderate sensitivity. However, the leak post provides no enumeration of proof files, specific data types, or confirmation of regulated data exposure.The threat actor claims to have compromised MakoLab and published exfiltrated data. No specific details on encryption, operational disruption, or data categories are provided in the leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- client information
- project documentation
- potentially proprietary software/code
What the group claims
***.com zoominfo.com/c/makolab-sa/31278202 MakoLab, a prominent Polish IT consulting and software development company acting as a digital project house.The firm specializes in digital transformation, artificial intelligence, custom software engineering, and human-centric design.They provide comprehensive business and technology consulting, product design, and global 24/7 operations support to enterprise clients worldwide
Sources
- Victim sitemakolab.com
Source
Indexed 2 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

