Ransomware victim disclosure
← All victimsThe Victorian Chemical Company (VICCHEM)
listed as Victorian Chemical · Claimed by Ransomhouse · listed 8 months ago
Status timeline
- ListedNov 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- Australia
- Sector
- Manufacturing
- Listed on leak site
- Nov 3, 2025
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileThe Victorian Chemical Company (VICCHEM), incorporated in 1933, is a Melbourne-based specialist manufacturer and global marketer of agricultural and industrial chemical products. Its agricultural range includes spray adjuvants, wetting agents, soil adjuvants, organic insecticides, growth regulators, and bloat control products, while its industrial range covers concrete mould release agents, asphalt adhesion agents, canola-oil esters, and degreasers. The company holds ISO 9001:2015 certification and maintains distribution relationships across Australia, the Americas, Europe, Asia, the Middle East, and Africa.
- Industry
- Agricultural & Industrial Chemical Manufacturing
- Address
- Melbourne, Australia
- Founded
- 1933
Attack summary
Severity: high — 743 GB of data has been exfiltrated and published from a specialist chemical manufacturer; the dataset likely contains proprietary formulations, business-sensitive customer/distributor records, and internal corporate data. While not a regulated-sector target (e.g. healthcare or government), the scale of exfiltration and confirmed publication warrants a high severity rating.Ransomhouse claims to have encrypted VICCHEM's systems and exfiltrated approximately 743 GB of data, with the disclosure status marked as 'data_published', indicating the data has been released or is being released publicly.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate files and documents
- Product formulation and R&D data
- Customer and distributor records
- Financial records
- Quality management system documentation
- Employee data
What the group claims
Vicchem, based in Melbourne, Australia, is a specialist manufacturer and global marketer of agricultural and industrial chemical products since 1933. The company offers a diverse range of over 30 agricultural products, including spray adjuvants and organic insecticides, suitable for various farming applications. Additionally, Vicchem provides industrial chemicals, such as concrete mould release agents and degreasers, for multiple industries.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

