Ransomware victim disclosure
← All victimsTrans-Northern Pipelines
Claimed by Alphv · listed 2 years ago
Status timeline
- ListedFeb 13, 2024
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileTrans-Northern Pipelines Inc. (TNPI) operates regulated petroleum product pipelines in Canada, with networks spanning Edmonton to Calgary in Alberta and Montreal to the Greater Toronto Area in Ontario-Quebec. The company transports refined petroleum products including gasoline, diesel, aviation fuel, and heating fuel to businesses and consumers across Canada.
- Industry
- Pipeline Transportation & Energy Distribution
- Founded
- 1949
Attack summary
Severity: high — Critical infrastructure (regulated pipeline operator) confirmed compromised with data published by the ransomware group. Pipeline operators handle sensitive operational, safety, and regulatory data; exposure poses potential operational and public safety risks. Published data status elevates severity despite absence of detailed inventory.ALPHV claims to have compromised Trans-Northern Pipelines Inc. and published exfiltrated data. The group's post does not specify what data categories were targeted or the scope of the breach.
What the group claims
Trans-Northern Pipelines Inc. (TNPI) operates regulated pipelines in central Alberta from Edmonton to Calgary, and in the south eastern Ontario to Montreal corridor, delivering refined petroleum products such as gasoline, diesel fuel, aviation fuel and heating fuel used by businesses and consumers. TNPI was incorporated in 1949, and has been operating pipelines for more than 60 years. Our business is built on four strategic pillars which we work to uphold every day: Personal and Process Safety, Environmental Sustainability, Reliability and People. Our team’s decades of experience combined with a focus on our core values – safe, respectful, professional, trustworthy, results focused, decisive – guides our daily activities and business operations.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

