Ransomware victim disclosure
← All victimsSKF AB
listed as SKF.com · Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedSep 3, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- Sweden
- Sector
- Manufacturing
- Listed on leak site
- Sep 3, 2023
- Data size
- 2.19 TB
- Ransom demanded
- $100.000
About the victim
AI dossier — public-source company profileSKF AB is a Swedish multinational manufacturing company headquartered in Gothenburg, Sweden, specializing in the manufacture of bearings, seals, mechatronics, lubrication systems, and related services. Founded in 1907, SKF operates in approximately 130 countries and serves industries including automotive, aerospace, industrial machinery, and energy. The company is one of the world's largest bearing manufacturers with revenues in the multi-billion euro range.
- Industry
- Bearings & Rotating Equipment Manufacturing
- Address
- Hornsgatan 1, 415 50 Gothenburg, Sweden
- Employees
- 40000
- Founded
- 1907
Attack summary
Severity: critical — Confirmed exfiltration of 2.19 TB from a major global industrial manufacturer, including databases and customer data at scale. The involvement of two threat actor groups, the large volume of data, and the threat to share with competitors elevates impact. Customer PII and proprietary industrial data are likely included at this scale.The Ransomed group, claiming collaboration with the Everest Ransomware Group, states it compromised SKF's network and exfiltrated approximately 2.19 TB of data including internal documents, databases, and customer data, while threatening to share stolen data with competitors if the $100,000 ransom is not paid.
Data the group says was taken
AI dossier — extracted from the leak post- Internal documents
- Databases
- Customer data
What the group claims
SKF�s network was compromised(by collaboration withEverest Ransomware Group) a few days ago. The company continues to be silent about the problem.A representative of the company should contact us immediately, instructions have all been sended in the emails.Otherwise, we will start communicating with your competitors.Data stolen : 2.19 TerabytesData Info : Internal Documents, Data Bases, Customer [�]We require a ransom of $100,000
Sources
- Victim siteskf.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

