Ransomware victim disclosure
← All victimsit-freitag.de
Claimed by M3Rx · listed 2 months ago
Status timeline
- ListedMay 3, 2026
- Data leakeddate unknown
At a glance
- Group
- M3Rx
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- May 3, 2026
About the victim
AI dossier — public-source company profileFreitag IT GmbH (it-freitag.de) is a German IT consulting and services firm operating since approximately 2002 (22 years of experience as stated on site, site notes 'since 2004'). The company provides IT strategy, consulting, support, operations, web application development, online shops, POS systems, and DATEV system maintenance. It is a small generalist IT services provider based in Germany, reachable at +49 30 35 53 39 60.
- Industry
- IT Consulting & Managed Services
- Founded
- 2002
Attack summary
Severity: medium — Data is confirmed as published (exfiltration claimed), but no details on data type, volume, or sensitivity are provided in the post, and the victim is a small IT services SME with no indication of regulated or high-sensitivity data at scale.The ransomware group m3rx claims to have stolen data from Freitag IT GmbH and has published it (disclosed status: data_published), though the leak post does not specify the volume or nature of the stolen data.
What the group claims
+49 493526000000 . Freitag IT GmbH specializes in providing scalable and reliable IT solutions, including cloud computing, virtualization, and managed services. Their offerings cater to agile businesses, focusing on modern technologies such as hybrid multi-cloud architectures and machine learning. The company aims to enhance productivity and efficiency through tailored IT services, including remote management, security solutions, and unified communication systems. Their target clients include organizations seeking comprehensive IT support and innovative digital transformation solutions. Stolen: --
The leak post
captured from the group's siteIf you are interested in this data, please contact our support.Tox: 9A1217BEDA4AB77052A25D17CB6FFB34AFA2BE462E607F2FD8E1DF1DDD4CA16A64E18B1A0BF2
Sources
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

