Ransomware victim disclosure
← All victimsColegio de la Compañía de María Vigo
listed as Colegio de la Compania de Maria Vigo · Claimed by Arcusmedia · listed 1 year ago
Status timeline
- ListedMay 18, 2025
- Data leakeddate unknown
At a glance
- Group
- Arcusmedia
- Status
- Data leaked
- Country
- Spain
- Sector
- Education
- Listed on leak site
- May 18, 2025
About the victim
AI dossier — public-source company profileColegio de la Compañía de María Vigo is a Catholic educational institution founded in 1886 in Vigo, Spain, operated by the Compañía de María religious order. The school serves students from infant through secondary and baccalaureate levels, with a mission rooted in Christian humanism and integral personal development. It is part of a global network of 87 schools operated by the order across multiple continents.
- Industry
- Primary & Secondary Education
- Address
- Rúa do Ecuador 35, 36203 Vigo (Pontevedra), Spain
- Employees
- 51-200
- Founded
- 1886
Attack summary
Severity: medium — Educational institution with likely exposure of student and staff personal data. Data sensitivity is moderate-to-high due to presence of minors' PII, but the leak post contains no proof files, detailed data inventory, or confirmation of encryption. No ransom demand stated.Arcusmedia group claims to have compromised Colegio de la Compañía de María Vigo and published data. The leak post provides minimal detail on the specific attack vector, data exfiltrated, or encryption status.
Data the group says was taken
AI dossier — extracted from the leak post- student records
- staff information
- administrative data
- educational documentation
What the group claims
Days06Hours22222222Minutes55559999Seconds11115555 ciamariavigo.org Make the Mission of the Company of Mary a reality in schools owned by the …
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

