Ransomware victim disclosure
← All victimsKurogane Kasei Co., Ltd.
listed as Kurogane Kasei Co. · Claimed by Ransomhouse · listed 9 months ago
Status timeline
- ListedOct 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- Japan
- Sector
- Manufacturing
- Listed on leak site
- Oct 23, 2025
- Data size
- 743 GB
- Records
- 193 employees
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileKurogane Kasei Co., Ltd. (黒金化成株式会社) is a Japanese specialty chemical company headquartered in Nagoya, Aichi Prefecture, specializing in organic synthetic chemistry, contract synthesis and manufacturing, and functional materials development. The company operates multiple facilities including the Minokamo Factory, Chiryu Factory, and a Technical Center (KTC), serving customers across electronics, plastics, and medical/pharmaceutical sectors. It is a member of the KH Neochem Group.
- Industry
- Organic Synthetic Chemistry & Specialty Chemical Manufacturing
- Address
- 〒460-0003 愛知県名古屋市中区錦1-6-17(本社)
Attack summary
Severity: high — 743 GB of confirmed exfiltrated data from a specialty chemical manufacturer with R&D and proprietary synthesis operations; data is marked as published/disclosed, and the company itself acknowledged unauthorized server access publicly.RansomHouse claims to have exfiltrated approximately 743 GB of data from Kurogane Kasei's servers; the company's own public website confirmed unauthorized access to its servers in notices published in October 2025. The group has listed the data as published/disclosed.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate server data
- Potentially proprietary synthesis/R&D data
- Business operational files
- Potentially personal information (per company privacy policy revisions)
What the group claims
Kurogane Kasei Co., Ltd. is a development-oriented Japanese chemical company specializing in organic synthesis and fine chemicals production. Its core activities include joint R&D projects, entrusted synthesis, and scalable production from gram-level prototypes to ton-scale manufacturing. The company caters to industries such as electronics, pharmaceuticals, and agrochemicals, leveraging advanced technologies like esterification and specialized equipment for dust-free, metal-free environments. With a workforce of about 193 employees, Kurogane Kasei positions itself as an 'all-round player' in the chemical sector, prioritizing customer satisfaction through rapid prototyping and innovative solutions.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

