Ransomware victim disclosure
← All victimsSunlight Group (Triathlon Systems division)
listed as Triathlon.group · Claimed by Underground · listed 2 years ago
Status timeline
- ListedMay 1, 2024
- Data leakeddate unknown
At a glance
- Group
- Underground
- Status
- Data leaked
- Country
- Germany
- Sector
- Transportation/Logistics
- Listed on leak site
- May 1, 2024
- Ransom demanded
- $176M
- Estimated revenue
- $176M
About the victim
AI dossier — public-source company profileSunlight Group is a global energy storage and battery manufacturer with 30+ years of experience, operating 35+ facilities across 115+ countries. Triathlon Systems is one of its subsidiary companies within the ecosystem of industrial battery and energy solutions.
- Industry
- Energy Storage Systems & Industrial Batteries
Attack summary
Severity: medium — Data published status with significant claimed ransom ($176M) suggests exfiltration occurred, but no specific data categories or proof files are detailed in the truncated post. Industrial/manufacturing data exposure is moderate concern; no PII or regulated sector explicitly mentioned.The Underground group claims to have attacked Sunlight Group/Triathlon Systems and lists a $176M revenue figure associated with the victim. The leak post does not explicitly state what data was exfiltrated or the attack method (encryption vs. exfiltration only).
What the group claims
Revenue:$176M - Country :Australia, Germa...
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

