Ransomware victim disclosure
← All victimsEast African Gasoil
Claimed by Arcusmedia · listed 9 days ago
Status timeline
- ListedJul 6, 2026
- Data leakeddate unknown
At a glance
- Group
- Arcusmedia
- Status
- Data leaked
- Country
- Kenya
- Sector
- Energy
- Listed on leak site
- Jul 6, 2026
About the victim
AI dossier — public-source company profileEast African Gasoil (EAGOL) is an independent oil and gas company operating in Kenya and across East Africa for over 10 years. They distribute petroleum products including premium motor spirit, automotive gas oil, jet fuel (JET A1), illuminating kerosene, and lubricants through 9 service stations across 4 countries in the region.
- Industry
- Oil & Gas Distribution
- Address
- P.O BOX 37952 – 00100 Nairobi Kenya; FCB Mihrab 8th Floor, Junction of Lenana road and Ring road, Kilimani
- Founded
- 2014
Attack summary
Severity: medium — Data has been published (disclosed_status: data_published) and the attack is claimed by an active ransomware group with a stated deadline. However, no specific sensitive data categories are confirmed in the available excerpt, and no proof files are advertised. The company operates critical energy infrastructure, elevating concern slightly.The ransomware group arcusmedia claims to have attacked EAGOL and set a deadline of 2026-07-12, indicating a ransom demand. The specific data exfiltrated or encryption details are not disclosed in the truncated leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Customer information
- Financial records
- Corporate systems
What the group claims
EAGOL is an independent oil and gas company operating in Kenya and East Africa, dedicated Deadline: 2026-07-12 23:48:00.000000
Sources
Source
Indexed 9 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

