Ransomware victim disclosure
← All victimsSystemExec Co., Ltd.
Claimed by Cephalus · listed 11 months ago
Status timeline
- ListedAug 26, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileSystemExec Co., Ltd. (システムエグゼ) is an independent Japanese IT system integrator and prime vendor headquartered in Chuo-ku, Tokyo. The company provides end-to-end IT services including custom application development, IT infrastructure, cloud, AI, data utilization, DX solutions, and offshore development. It was newly listed on the Tokyo Stock Exchange Standard Market in April 2026.
- Industry
- IT Services & System Integration
- Address
- 〒103-0022 東京都中央区日本橋室町3-4-4 OVOL日本橋ビル7階 (OVOL Nihonbashi Bldg. 7F, 3-4-4 Nihonbashi Muromachi, Chuo-ku, Tokyo 103-0022, Japan)
Attack summary
Severity: high — 30+ GB of GitLab repository contents have reportedly been published, exposing proprietary source code and potentially sensitive configuration or credential data from a publicly listed IT system integrator. Exposure of internal codebases and related secrets at this scale constitutes significant confirmed exfiltration of business-critical data.The ransomware group 'cephalus' claims to have exfiltrated over 30 GB of data from SystemExec's GitLab repositories, described as a 'naked repo leak', indicating source code and potentially associated credentials or configuration data were exposed. The disclosure status is 'data_published', suggesting the data has already been released.
Data the group says was taken
AI dossier — extracted from the leak post- GitLab source code repositories
- Software project files
- Potentially embedded credentials or configuration files
- Internal development assets
What the group claims
SystemExec Co., Ltd. (システムエグゼ) GitLab naked repo leak | 30G+
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

