Ransomware victim disclosure
← All victimsThe Phoenix Company, Inc.
listed as The PHOENIX · Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileThe Phoenix Company, Inc. is a software solutions provider based in Spain with over 20 years of market experience. They specialize in the MONET suite of applications serving government and private institutions, offering financial management, HR, payroll, asset management, and citizen services modules.
- Industry
- Enterprise Software & Government IT Solutions
- Founded
- 2004
Attack summary
Severity: high — Confirmed data exfiltration from a software company serving government and municipal institutions. Potential exposure of sensitive government/public sector client data and business systems. $3.8M ransom demand indicates substantial data compromise.BlackLock ransomware group claims to have encrypted The Phoenix Company's systems and exfiltrated data. The group alleges the company has more than 15 years in the market with $3.8M revenue.
Data the group says was taken
AI dossier — extracted from the leak post- Company databases
- Financial records
- Customer/client information
- Software source code or intellectual property
- Government/municipal client data
What the group claims
a company with more than 15 years in the market, providing innovative solutions to government and private institutions. Revenue $3.8 M
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

