Ransomware victim disclosure
← All victimsI&G Brokers
Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedAug 21, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Financial Services
- Listed on leak site
- Aug 21, 2023
About the victim
AI dossier — public-source company profileI&G Brokers is described as a prominent Bulgarian brokerage house, likely operating in financial instrument or securities brokerage. The company appears to be based in Bulgaria. No further verifiable details are available from public sources.
- Industry
- Financial Services & Brokerage
Attack summary
Severity: high — Data has been confirmed as published (disclosed status: data_published) by a ransomware group targeting a financial services brokerage, which likely holds sensitive client financial and personal data. Partial data release with a download link confirms active exfiltration rather than a mere listing.The ransomed group claims to have exfiltrated data from I&G Brokers and is publishing a downloadable sample archive as proof of the breach, indicating a partial data leak following a missed initial payment deadline.
Data the group says was taken
AI dossier — extracted from the leak post- Sample data archive (7z file)
The group's post references roughly 1 proof file.
What the group claims
I&G brokers are top top favourite Bulgarian Broker houses.First Payment Due, leaking dataDownload Sample(https://pomf2.lain.la/f/XXXXXX.7z)
Sources
- Leak posthttps://ransomed.vc/ig.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

