Ransomware victim disclosure
← All victimsfecovita.com
Claimed by Projectrelic · listed 1 year ago
Status timeline
- ListedJun 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Projectrelic
- Status
- Data leaked
- Country
- Argentina
- Listed on leak site
- Jun 21, 2025
About the victim
AI dossier — public-source company profileFecovita is Argentina's largest wine co-operative, representing 29 member co-operatives and approximately 5,000 farmer-owners who collectively manage 25,000 hectares of vineyards in Mendoza. The organization produces and exports a range of wines—from premium to table wines—to over 20 countries worldwide.
- Industry
- Wine Production & Export Co-operative
- Address
- Carril Gómez 265, Maipú (M5511HTE), Mendoza, Argentina
- Employees
- 5000
- Founded
- 1991
Attack summary
Severity: medium — Confirmed data exfiltration from a significant agricultural/export business with substantial operational scale (5,000 employees, international operations). No regulated data categories (medical, financial at banking level, or government) explicitly confirmed, but agricultural co-operative records may include member PII and commercial data. No proof file count provided.Projectrelic claims to have exfiltrated data from Fecovita. The group has published the data but the specific data types, scope, and operational impact are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- operational data
- corporate documents
Original description
AI-summarised, not from the leak postFecovita is Argentina's largest wine co-operative and exporter, representing over 29 co-operative wineries. Founded in 1991, the company is made up of 5,000 farmers who together own 25% of the vineyards of the province of Mendoza. They produce a wide range of wines, from premium to everyday table wines, which they export to over 20 countries around the world.
Sources
- Victim sitefecovita.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

