Ransomware victim disclosure
← All victimsPANSARD & ASSOCIÉS
listed as PANSARD & ASSOCIES · Claimed by Medusa · listed 11 months ago
Status timeline
- ListedAug 6, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profilePANSARD & ASSOCIÉS is a French accounting and consulting firm headquartered in Roubaix that provides public accounting, auditing, and mergers & acquisitions advisory services. Their consultants hold qualifications from major audit and consulting firms and are affiliated with the American Institute of Certified Public Accountants.
- Industry
- Professional Services & Accounting
- Address
- 26 Boulevard Général de Gaulle, 59100 Roubaix, France
Attack summary
Severity: high — Confirmed exfiltration and publication of 566.2 GB of data from a professional services firm handling financial, audit, and M&A records. Likely includes sensitive client financial and business information.Medusa claims to have exfiltrated 566.2 GB of data from PANSARD & ASSOCIÉS. The group has published the data, indicating a confirmed data breach with no ransom negotiation documented.
Data the group says was taken
AI dossier — extracted from the leak post- Financial records
- Client accounting files
- Audit documentation
- M&A transaction files
- Business correspondence
- Potentially sensitive client data
What the group claims
PANSARD & ASSOCIES has developed three complementary activities to assist companies in their day-to-day operations and facilitate strategic planning relating to enterprise and asset growth and maximization: 1. Public accounting; 2. Auditing; 3. Mergers & Acquisitions and Asset Restructuring. Consultants are dually qualified: they have worked in major audit and consulting firms and have years of experience in the industry. They are affiliated with the American Institute of Certified Public Accountants. company is headquartered in 26 Bd, by General De Gaulle 59100 Roubaix. The total amount of data leakage is 566.2 GB
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

