Ransomware victim disclosure
← All victimsAmerican Color Imaging
listed as acilab.com · Claimed by Settra · listed 10 hours ago
Status timeline
- ListedJul 16, 2026
- Data leakeddate unknown
At a glance
- Group
- Settra
- Status
- Data leaked
- Country
- Brazil
- Sector
- Technology
- Listed on leak site
- Jul 16, 2026
About the victim
AI dossier — public-source company profileAmerican Color Imaging (ACI) is a professional printing lab founded in 1967 that provides high-quality photographic prints, albums, gallery wraps, and related products to professional photographers. The company offers custom crafted items including metal prints, handmade leather albums, canvas wraps, and banners, along with design tools and marketing support services.
- Industry
- Printing & Photography Products
- Founded
- 1967
Attack summary
Severity: medium — Confirmed data exfiltration of internal financial and corporate documents. While sensitive to the organization and potentially revealing competitive/ownership information, the data does not appear to involve regulated PII, medical, or government data at scale. No operational disruption claimed.The Settra group claims to have exfiltrated data from ACI, specifically highlighting internal financial and ownership documentation ('How ACI Financed Its Owners' Companies — and Paid Them Rent'). The group has published this data.
Data the group says was taken
AI dossier — extracted from the leak post- Financial records
- Ownership/corporate structure documentation
- Executive payment records
What the group claims
How ACI Financed Its Owners' Companies — and Paid Them Rent PROLOGUE Inside the archive of American ...
Sources
Source
Indexed 10 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

