Ransomware victim disclosure
← All victimsKOLORKIM KIMYA
Claimed by Doommageddon · listed 9 days ago
Status timeline
- ListedJul 6, 2026
- Data leakeddate unknown
At a glance
- Group
- Doommageddon
- Status
- Data leaked
- Country
- Türkiye
- Sector
- Manufacturing
- Listed on leak site
- Jul 6, 2026
About the victim
AI dossier — public-source company profileKolorkim Kimya is a Turkish chemical manufacturer specializing in flexo and rotogravure printing inks, solvent-based inks, heat-seal lacquers, and primers for the packaging industry. Operating since 2001 with facilities in İzmir and Istanbul, they export approximately 70% of production and hold ISO 9001, ISO 14001, and OHSAS 18001 certifications.
- Industry
- Chemical Manufacturing - Printing Inks & Coatings
- Address
- 10302 Sokak No:13 Kaklıç Mahallesi 35620 Çiğli / İZMİR, Turkey (Factory); İkitelli OSB İsteks San Sit. D1 Blk. No:11 İkitelli/İSTANBUL, Turkey (Istanbul Branch)
- Founded
- 2001
Attack summary
Severity: medium — Confirmed exfiltration of 1 GB of data from a manufacturing company with no indication of highly regulated/sensitive data categories (PII at scale, medical, financial). Data sensitivity and customer/supplier impact are unknown; encryption status unclear.Doommageddon claims to have exfiltrated 1 GB of data from Kolorkim Kimya. The group has published the data with a deadline of May 10, 2026, but no specific details on data categories or operational impact are provided.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer information
- operational data
What the group claims
Status: leaked | Data size: 1GB | Files: 1 files | Deadline: 2026-05-10T00:00:00Z
Sources
Source
Indexed 9 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

