Ransomware victim disclosure
← All victimsEUC Sjælland
listed as EUC Sjlland · Claimed by Ransomhouse · listed 1 year ago
Status timeline
- ListedJun 9, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- Denmark
- Sector
- Education
- Listed on leak site
- Jun 9, 2025
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileEUC Sjælland is a Danish vocational and technical education institution offering upper-secondary programs including HTX (technical gymnasium), EUD (vocational education), EUX (vocationally-oriented higher examination), and adult education courses across four campuses in Næstved, Køge, Haslev, and Greve.
- Industry
- Education
Attack summary
Severity: medium — Educational institution with student and employee data at risk; encryption-only attack claimed with no specific proof files or screenshots provided for EUC Sjælland in the leak post. The 743 GB figure suggests substantial data volume but lacks proof of exfiltration.Ransomhouse claims to have encrypted EUC Sjælland's systems. The leak post contains a database of multiple unrelated victim organizations but does not provide specific details about data exfiltrated from the Danish school.
Data the group says was taken
AI dossier — extracted from the leak post- Student records
- Administrative data
- Institutional databases
What the group claims
EUC Zealand was established in 1999 through a merger between the technical schools in Køge, Haslev and Næstved and has since been expanded with two centers for labor market education. Today, EUC Zealand has branches in Næstved, Køge, Haslev and Greve.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

