Ransomware victim disclosure
← All victimsBirla Institute of Technology and Science (BITS Pilani)
listed as bits-pilani.ac.in · Claimed by Dragonforce · listed 11 days ago
Status timeline
- ListedJun 22, 2026
- Data leakeddate unknown
At a glance
- Group
- Dragonforce
- Status
- Data leaked
- Country
- India
- Sector
- Education
- Listed on leak site
- Jun 22, 2026
About the victim
AI dossier — public-source company profileBITS Pilani is a premier Indian private research university and designated Institution of Eminence, founded in 1964. It operates five campuses across India and internationally, offering undergraduate and postgraduate programs in engineering, science, pharmacy, law, business, and design. The institution is highly selective with a 1.47% acceptance rate and serves thousands of students across multiple disciplines.
- Industry
- Higher Education & Research
- Address
- Pilani, Rajasthan, India (primary campus); additional campuses in Goa, Hyderabad, Dubai, and Mumbai
- Founded
- 1964
Attack summary
Severity: high — Large educational institution with thousands of students and faculty; likely exposure of PII and academic records at significant scale. Confirmed data publication by ransomware operator indicates exfiltration beyond encryption-only attack.The dragonforce group claims to have conducted a ransomware attack on BITS Pilani. The leak post indicates data exfiltration, though specific data categories and operational details are not elaborated in the provided excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Student records
- Faculty information
- Administrative data
- Academic records
What the group claims
BITS Pilani is a premier Indian private research university and "Institution of Eminence" known for elite engineering and science programs across five campuses. Founded in 1964, it is highly selective with a 1.47% acceptance rate and offers a 0% attendance policy with mandatory industry immersion.
Sources
Source
Indexed 11 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

