Ransomware victim disclosure
← All victimsAmazon Transportes
Claimed by Cicada3301 · listed 1 year ago
Status timeline
- ListedApr 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Cicada3301
- Status
- Data leaked
- Country
- Brazil
- Sector
- Transportation/Logistics
- Listed on leak site
- Apr 22, 2025
- Data size
- 149 GB
About the victim
AI dossier — public-source company profileAmazon Transportes is a Brazilian logistics and transportation company operating for over 40 years, providing integrated logistics services across Brazil including fractional transport, agricultural, air cargo, healthcare-specific transport (Amazon Health), and retail solutions. Headquartered in São Paulo with nationwide coverage.
- Industry
- Transportation & Logistics
- Address
- Rua Nilton Coelho Andrade, 210, Vila Maria, São Paulo – SP, Brazil
Attack summary
Severity: medium — 149 GB of exfiltrated data from a logistics company handling healthcare transport and customer shipment information represents moderate-to-significant exposure. However, the leak post lacks proof files, detailed data inventory, or confirmation of sensitive PII/regulated data at scale. Healthcare transport data exposure elevates risk but without confirmed regulated healthcare records, does not reach 'critical'.Cicada3301 claims to have exfiltrated 149 GB of data from Amazon Transportes. The leak post provides a countdown timer but minimal detail on the specific data categories or operational impact.
Data the group says was taken
AI dossier — extracted from the leak post- Customer shipping/logistics records
- Operational data
- Business communications
- Healthcare transport information
What the group claims
Status: 29d 23h 57m 18s - Size Data: 149 GB
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

