Ransomware victim disclosure
← All victimsKlingelnberg
listed as klingLnberg.in · Claimed by Blackshrantac · listed 10 months ago
Status timeline
- ListedSep 18, 2025
- Data leakeddate unknown
At a glance
- Group
- Blackshrantac
- Status
- Data leaked
- Country
- India
- Listed on leak site
- Sep 18, 2025
- Data size
- 2 TB
About the victim
AI dossier — public-source company profileKlingelnberg is a precision engineering company specialising in the development and manufacture of bevel gear cutting machines, cylindrical gear grinding machines, and related metrology systems. The domain klingelnberg.in suggests an Indian subsidiary or regional presence of the Swiss-headquartered Klingelnberg Group. The company serves the automotive, aerospace, and industrial machinery sectors globally.
- Industry
- Precision Gear & Bevel Gear Manufacturing
Attack summary
Severity: high — 2 TB of data is claimed to have been published by the threat actor from an industrial precision manufacturing company, suggesting significant exfiltration of potentially sensitive business, engineering, and operational data; however, lack of detail on regulated PII or financial data at scale prevents a 'critical' rating.The group 'blackshrantac' claims to have exfiltrated approximately 2 TB of data from Klingelnberg's Indian operations, with the data described as published (disclosed status: data_published). No further detail on encryption or specific data categories is provided in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Unspecified exfiltrated corporate data (2 TB)
What the group claims
DATA SIZE : 2TB
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

