Ransomware victim disclosure
← All victimsiPROMOTEu
Claimed by Everest · listed 1 year ago
Status timeline
- ListedJul 31, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Jul 31, 2025
About the victim
AI dossier — public-source company profileiPROMOTEu is a US-based service provider in the promotional products industry, established in 1999. The company offers order financing, supplier negotiation, and business development services to promotional product distributors, helping them increase efficiency, reduce costs, and maximize business potential while retaining independence.
- Industry
- Promotional Products & Business Services
- Founded
- 1999
Attack summary
Severity: medium — Data has been published by the threat actor (confirmed disclosure status), but no proof files/screenshots are documented, and the specific data categories and business impact are not detailed in the available post.The Everest group claims to have compromised iPROMOTEu and published exfiltrated data. Specific details regarding the nature of the breach (encryption, exfiltration, or both) and the data categories involved are not provided in the available post.
Original description
AI-summarised, not from the leak post"iPROMOTEu" is a US-based service provider in the promotional products industry. Established in 1999, it offers services such as order financing, supplier negotiation, and business development to promotional product distributors. The company aims to help these distributors increase their efficiency, reduce costs, and maximize their business potential, while also allowing them to retain their independence.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

