Ransomware victim disclosure
← All victimsEkonomipoolen
listed as ekonomipoolen.se/Sweden/32/GB · Claimed by Kairos · listed 10 months ago
Status timeline
- ListedSep 16, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileEkonomipoolen is a Swedish staffing and recruitment firm, likely specialising in finance and accounting personnel placements, as suggested by its name ('ekonomi' meaning economics/finance in Swedish and 'poolen' meaning pool/agency). The company operates in Sweden and the domain suffix indicates a Swedish entity. No further verified details are available from the public site.
- Industry
- Staffing & Recruitment (Finance/Accounting)
Attack summary
Severity: high — Data has been published (disclosed status: data_published) with 32 GB of exfiltrated data from a staffing/recruitment firm, which likely contains employee and candidate PII, financial records, and client data, constituting significant confirmed exfiltration.The Kairos ransomware group claims to have exfiltrated approximately 32 GB of data from ekonomipoolen.se and has published the data, indicating a completed exfiltration with public disclosure.
Data the group says was taken
AI dossier — extracted from the leak post- Exfiltrated company files (32 GB)
What the group claims
Unknown - ekonomipoolen.se
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

