Ransomware victim disclosure
← All victimsEWIG Group
listed as Ewig Usa · Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedMar 3, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- China
- Sector
- Manufacturing
- Listed on leak site
- Mar 3, 2024
About the victim
AI dossier — public-source company profileEWIG Group is a Hong Kong-based electronic manufacturing company with facilities in China, specializing in printed circuit board assembly, product development, injection molding, and tooling. With over 40 years of design and manufacturing experience, they produce consumer and industrial electronics including smart home devices, wellness products, and IoT devices for global customers.
- Industry
- Electronic Manufacturing & Consumer Electronics
- Address
- Avenida Da Praia Grande No. 619, EDF.Comercial Si Toi L6, Macau
Attack summary
Severity: high — Confirmed data exfiltration and publication by a major ransomware group (ALPHV/BlackCat). Manufacturing and product development data from a global electronics supplier poses supply chain and competitive intelligence risk. Scale of proof not specified in available excerpt.ALPHV/BlackCat claims to have attacked EWIG Group. The group's post confirms data exfiltration (disclosed status: data_published) but the truncated leak post excerpt does not specify which data categories were stolen or provide operational details.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Manufacturing data
- Product development files
- Customer information
What the group claims
Ewig Group is a one stop solution provider in electronic manufacturing to global customers. We are a Hong Kong based company with well- equipped manufacturing facilities in China.
Sources
- Victim siteewig-mco.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

