Ransomware victim disclosure
← All victimsMünchner Verlagsgruppe GmbH
Claimed by Metaencryptor · listed 3 years ago
Status timeline
- ListedAug 16, 2023
- Data leakeddate unknown
At a glance
- Group
- Metaencryptor
- Status
- Data leaked
- Country
- Germany
- Sector
- Media & Entertainment
- Listed on leak site
- Aug 16, 2023
- Ransom demanded
- $36M
About the victim
AI dossier — public-source company profileMünchner Verlagsgruppe GmbH is Germany's largest non-fiction book publisher, headquartered in Munich, Bavaria, and active for more than 20 years. The group operates several imprints including riva Verlag, mvg Verlag, LAGO Verlag, and FinanzBuch Verlag, covering topics such as health, nutrition, sport, psychology, finance, and fiction. The company reports annual revenue of approximately $36 million.
- Industry
- Book Publishing
- Address
- Munich, Bavaria, Germany
Attack summary
Severity: high — Data has been published by the threat actor, confirming exfiltration and disclosure of company data; while the specific data types are not enumerated in the post, the publishing of data from a mid-sized media/publishing company with financial and employee records warrants a high severity rating.The Metaencryptor ransomware group claims to have attacked Münchner Verlagsgruppe GmbH and has published data (disclosed status: data_published); the post references $36M in company revenue but does not specify the volume or type of exfiltrated data.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate business data
- Financial records
What the group claims
Münchner Verlagsgruppe GmbH is a company that operates in the Publishing industry. It has $36M of revenue. The company is headquartered in Munich, Bavaria, Germany.
Sources
- Victim sitem-vg.de/
- Leak posthttp://metacrptmytukkj7ajwjovdpjqzd7esg5v3sg344uzhigagpezcqlpyd.onion/0AFC:4afb8cbffc68130e4152a20ae72cdc77/0AFC:5997bbb344f4d695e98dbd8391d6530f9fc2b907c3845e8028915c7c27512c5d/0AFC:c323cf580afd1162cbf6eee155cfa7c985db9e4faed77fe46d330f3ac4b7d5a06d8b58cefebe950715b4fef2d1533aff
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

