Ransomware victim disclosure
← All victimsSTRUMET Sp. z o. o.
listed as STRUMET · Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedOct 31, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- Poland
- Sector
- Manufacturing
- Listed on leak site
- Oct 31, 2023
About the victim
AI dossier — public-source company profileSTRUMET Sp. z o. o. is a Polish manufacturer of reusable metal containers and metal products, operating since 1995 from a 130,000 m² production facility in southern Poland. The company serves automotive, defence, agricultural, and rail sectors, processing over 20,000 tonnes of steel annually and employing more than 750 workers. It holds multiple certifications including ISO 9001, TISAX, and EN-15085, and supplies clients worldwide across more than 7,000 completed projects.
- Industry
- Metal Containers & Industrial Metal Fabrication
- Address
- Southern Poland (precise street address not stated)
- Employees
- 750+
- Founded
- 1995
Attack summary
Severity: high — Data has been published (not merely threatened), indicating confirmed exfiltration. The company serves defence and automotive sectors with TISAX certification, meaning sensitive supply-chain and potentially defence-related business data is at stake at significant scale (750+ employees, global deliveries).NoEscape claims to have attacked STRUMET and has published data (disclosed status: data_published), indicating exfiltration of company data. No specific ransom amount or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Company operational data
- Industrial project records
- Potentially customer/supplier data (automotive, defence, rail sectors)
- Employee records (inferred from 750+ workforce)
What the group claims
Since the beginning of its operations in 1995, the basic area of activity of STRUMET Sp. z o. o. was the production of reusable metal containers used in transport and stora...
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

