Ransomware victim disclosure
← All victimsMega Travel Operadora S.A. de C.V.
listed as megatravel.com.mx · Claimed by Darkvault · listed 2 years ago
Status timeline
- ListedAug 15, 2024
- Data leakeddate unknown
At a glance
- Group
- Darkvault
- Status
- Data leaked
- Country
- Mexico
- Sector
- Hospitality and Tourism
- Listed on leak site
- Aug 15, 2024
About the victim
AI dossier — public-source company profileMega Travel is a Mexican international travel operator founded in 1999 specializing in cultural, receptive, and outbound tourism packages across multiple continents. The company operates from Mexico with regional offices and international branches in Argentina, Colombia, Panama, Peru, Turkey, and France, serving thousands of customers annually with tour packages to Europe, Asia, the Middle East, and the Americas.
- Industry
- Travel & Tourism Operations
- Address
- Río Misisipi 49, Col. Cuauhtémoc, Ciudad de México, Mexico (HQ); additional offices in Guadalajara, Monterrey, Mérida, Tijuana
- Founded
- 1999
Attack summary
Severity: medium — Data published status confirmed, but no proof files, screenshots, or data sample counts are documented in the post. Travel operators typically hold PII and payment data; however, without visible proof or specifics on data volume/sensitivity, severity cannot exceed medium.Darkvault claims to have compromised Mega Travel and published exfiltrated data. The group's post does not specify the nature or scope of data accessed, encryption status, or operational impact.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal information
- Travel booking records
- Payment information
- Business operations data
What the group claims
Compañía especializada en organizar y programar viajes internacionales para turismo cultural, receptivo y emisivo. Fundada en México en el año 1999; nos hemos destacado como la mejor Operadora Turística en México, Argentina, Colombia y Panamá.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

