Ransomware victim disclosure
← All victimsA1 Group
listed as A1 · Claimed by Ransomedvc · listed 3 years ago
Status timeline
- ListedAug 21, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomedvc
- Status
- Data leaked
- Country
- Austria
- Sector
- Technology
- Listed on leak site
- Aug 21, 2023
About the victim
AI dossier — public-source company profileA1 Group is a leading telecommunications and digitalization company headquartered in Vienna, Austria, serving 30 million customers across 7 core markets in Central and Eastern Europe. The company offers voice telephony, broadband internet, mobile and home entertainment, smart home, data and IT solutions, wholesale, payment solutions and digital services. It is publicly listed on the Vienna Stock Exchange and reported revenues of 5.6 billion EUR in 2025.
- Industry
- Telecommunications & ICT Services
- Address
- Lassallestraße 9, 1020 Vienna, Austria
- Employees
- 16000
- Founded
- 2000
Attack summary
Severity: high — A1 Group is a major telecommunications operator with 30 million customers across 7 countries; data_published status confirms exfiltration and release of data from a critical communications infrastructure provider, though the specific nature and volume of published data is not detailed in the post.RansomedVC claims to have attacked A1 Group as a 'data provider', noting that 1 of 4 partial payments was made on 2023-08-23, suggesting partial ransom negotiation occurred. The post is classified as data_published, indicating exfiltration and publication of company data.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate data
- Potentially customer data
- Internal business documents
What the group claims
A1 Data Provider (1/4 partial payments have been paid on 2023-08-23)
Sources
- Victim sitea1.group
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

