Ransomware victim disclosure
← All victimsKirloskar Oil Engines Ltd.
listed as KOEL.CO.IN · Claimed by Clop · listed 7 months ago
Status timeline
- ListedDec 18, 2025
- Data leakeddate unknown
At a glance
- Group
- Clop
- Status
- Data leaked
- Country
- India
- Sector
- Manufacturing
- Listed on leak site
- Dec 18, 2025
About the victim
AI dossier — public-source company profileKirloskar Oil Engines Ltd. (KOEL) is a leading Indian manufacturer of diesel engines, agricultural pumps, and generator sets. A flagship company of the century-old Kirloskar Group, it supplies power solutions to agriculture, industrial, and domestic sectors globally.
- Industry
- Diesel Engines & Agricultural Pumps Manufacturing
Attack summary
Severity: medium — Data has been published by the group, but no specific data categories, volume, or proof files are described in the truncated leak post. The absence of detail on what was exfiltrated or encryption scope prevents higher severity classification.Clop ransomware group claims to have attacked KOEL and published data. The specific nature of the compromise (encryption, exfiltration, or both) and data categories are not detailed in the available post.
Original description
AI-summarised, not from the leak postKOEL.CO.IN, also known as Kirloskar Oil Engines Ltd., is a leading Indian manufacturer of diesel engines, agricultural pumps, and generator sets. It's a flagship company of the century-old Kirloskar Group. KOEL is renowned globally for manufacturing durable and reliable products that cater to sectors including agriculture, industries, and domestic usage. Their products have varied applications, ensuring complete power solutions.
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

