Ransomware victim disclosure
← All victimsIfage
Claimed by Dragonforce · listed 22 hours ago
Status timeline
- ListedJul 14, 2026
- Data leakeddate unknown
At a glance
- Group
- Dragonforce
- Status
- Data leaked
- Country
- Switzerland
- Listed on leak site
- Jul 14, 2026
About the victim
AI dossier — public-source company profileIfage is a foundation based in Geneva, Switzerland, dedicated to continuous education and professional development of adults. It offers a wide range of courses in languages, management, administration, industry, construction, and information technology, with many programs leading to recognized federal diplomas and international certificates.
- Industry
- Adult Education & Professional Development
- Address
- Geneva, Switzerland
Attack summary
Severity: medium — Data published by the group with no ransom demand stated. Educational institution with likely student PII exposure, but no confirmation of scale or specific regulated data categories (medical, financial). Moderate sensitivity due to potential student and employee information.The dragonforce group claims to have compromised Ifage and published data. No specific details on encryption, exfiltration method, or data types are provided in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- student records
- course enrollment data
- personal information
- training records
What the group claims
Ifage is a foundation based in Geneva dedicated to the continuous education and professional development of adults. It offers a wide range of courses in languages, management, administration, industry, construction, and new technologies. The foundation serves individuals seeking to enhance their skills and obtain recognized certifications, including federal diplomas and international certificates. Its clients include professionals looking to advance their careers and companies seeking training solutions for their employees.
Sources
Source
Indexed 22 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

