Ransomware victim disclosure
← All victimsUniproof
listed as uniproof.com.br · Claimed by Babuk · listed 1 year ago
Status timeline
- ListedApr 1, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileUniproof is a Brazilian platform specializing in electronic document registration in notary offices and blockchain. The company provides digital signature collection, document notarization, and compliance tools designed to eliminate paper-based processes while maintaining legal validity under Brazilian law, including LGPD compliance.
- Industry
- Legal Technology & Digital Document Registration
- Address
- Av. Queiroz Filho, 1700 - Vila Hamburguesa, São Paulo - SP, 05319-000, Brasil
Attack summary
Severity: medium — Data published by the group with no detailed proof provided. The company handles sensitive legal and financial documents, notary records, and customer PII at scale, which would be high-severity if confirmed; however, the minimal disclosure and lack of proof inventory suggests either limited exfiltration or early-stage leak post. Medium reflects the legitimate sensitivity of the data type and published status without confirmed proof.Babuk claims to have attacked Uniproof and published data. The leak post provides minimal detail on the nature of the breach (encryption, exfiltration, or both) or specific data categories compromised.
Data the group says was taken
AI dossier — extracted from the leak post- Electronic documents
- Digital signatures
- Customer account information
- Notary registration records
What the group claims
uniproof.com.br
Sources
- Victim siteuniproof.com.br
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

