Ransomware victim disclosure
← All victimsEros Group
listed as eroselevators.com · Claimed by LockBit · listed 7 months ago
Status timeline
- ListedDec 31, 2025
- Data leakeddate unknown
At a glance
- Group
- LockBit
- Status
- Data leaked
- Country
- India
- Sector
- Manufacturing
- Listed on leak site
- Dec 31, 2025
About the victim
AI dossier — public-source company profileEros Group is a Mumbai-headquartered Indian manufacturer of elevators and automated parking systems, founded in 1947. The company offers passenger, freight, hospital, home, and car elevators alongside multiple parking system types, supported by modernization and AMC services. It operates an 80,000+ sq. ft. manufacturing plant with CNC and laser cutting machinery, and has a presence in Mumbai, Pune, and Bangalore.
- Industry
- Elevator & Automated Parking Systems Manufacturing
- Address
- G-2, Universal Majestic, P. L. Lokhande Marg, Mankhurd Link Road, Govandi, Mumbai-400043, India
- Founded
- 1947
Attack summary
Severity: high — Data has been confirmed as published by LockBit, indicating successful exfiltration of business data from a manufacturing company. While no regulated PII at scale or critical infrastructure impact is explicitly confirmed, data_published status with a known ransomware group warrants a high severity rating.LockBit claims to have attacked Eros Group and has published data (disclosed status: data_published), indicating exfiltration of company data. No specific ransom amount or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Company business data
- Internal documents
What the group claims
Eros Elevators, established in 1947, is a pioneer in the Indian elevator industry, offering a comp...
Sources
- Victim siteeroselevators.com
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

