Ransomware victim disclosure
← All victimsFabrica Industrial Machinery & Equipment
Claimed by Trinity · listed 2 years ago
Status timeline
- ListedSep 23, 2024
- Data leakeddate unknown
At a glance
- Group
- Trinity
- Status
- Data leaked
- Country
- Argentina
- Sector
- Manufacturing
- Listed on leak site
- Sep 23, 2024
- Ransom demanded
- $59.2M
- Estimated revenue
- $59.2M
About the victim
AI dossier — public-source company profileFabrica SRL is an Argentine infrastructure construction and maintenance company based in Resistencia, Chaco. They specialize in engineering and maintenance of utilities (gas, water, sanitation), telecommunications, electrical systems, renewable energy, and building infrastructure across multiple provinces in Argentina.
- Industry
- Infrastructure Construction & Maintenance Services
- Address
- Resistencia, Chaco, Argentina
Attack summary
Severity: high — Large-scale data exfiltration (20+ TB) confirmed and published. Infrastructure company with access to critical utility and telecommunications systems; compromise likely includes sensitive client/project data and operational information. Ransom demand calibrated to company revenue indicates serious targeting.Trinity claims to have exfiltrated a 20+ TB database from Fabrica SRL. The group has published data and demands a ransom of $59.2 million, matching the company's stated annual revenue.
Data the group says was taken
AI dossier — extracted from the leak post- company database (20+ TB)
- business records
- customer/client information
- project data
- financial records
What the group claims
Data base 20+tb - Revenue: $ 59.2 Million - Publication date: 2024-10-23
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

