Ransomware victim disclosure
← All victimsValens Bank/Pay/Exchange
Claimed by Weyhro · listed 1 year ago
Status timeline
- ListedMar 31, 2025
- Data leakeddate unknown
At a glance
- Group
- Weyhro
- Status
- Data leaked
- Country
- Germany
- Sector
- Financial Services
- Listed on leak site
- Mar 31, 2025
About the victim
AI dossier — public-source company profileValens Bank is a digital banking platform offering private banking services including multi-currency accounts, payment/transfer services, cryptocurrency trading, forex trading, and gold trading. Valens Pay handles global transfers while Valens Exchange operates as a global market exchange platform.
- Industry
- Financial Services & Cryptocurrency Trading
Attack summary
Severity: high — Confirmed data publication from a financial institution handling sensitive banking, trading, and cryptocurrency data poses significant risk to customers and regulatory compliance. Financial sector breach with published data typically warrants high severity despite lack of specific proof file count.The weyhro group claims to have compromised Valens Bank/Pay/Exchange and published data. The specific nature of the breach (encryption vs. exfiltration) and extent of data exposure are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- banking records
- user accounts
- financial transaction data
- cryptocurrency trading data
Original description
AI-summarised, not from the leak postValens Bank is a digital banking platform that offers private banking services to its clients worldwide. It provides services like multi-currency accounts, payment and transfer services, cryptocurrency trading, forex trading, and gold trading. Valens Pay facilitates global transfers, while Valens Exchange is a global market exchange platform.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

