Ransomware victim disclosure
← All victimsPetrobras / SAExploration
Claimed by Everest · listed 8 months ago
Status timeline
- ListedNov 17, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profilePetrobras is Brazil's state-controlled multinational petroleum corporation headquartered in Rio de Janeiro, one of the largest energy companies in the world, engaged in exploration, production, refining, and distribution of oil and gas. SAExploration is a seismic data acquisition and processing company that has operated in the Americas and internationally, providing services to the oil and gas exploration sector. The leak post associates both entities, suggesting either a joint project or shared data environment was targeted.
- Industry
- Oil & Gas Exploration
Attack summary
Severity: high — Petrobras is a major state-controlled energy company; any confirmed data publication involving its operational or corporate data constitutes significant business and potentially national-security-relevant exposure. The 'data_published' status indicates actual disclosure beyond a mere listing, warranting a high severity classification even without granular data inventory details.The Everest ransomware group claims to have published data ('data_published' status) related to Petrobras and/or SAExploration, though the truncated leak post provides no specific detail on whether encryption, exfiltration, or both occurred, nor the volume or nature of the data exposed.
Original description
AI-summarised, not from the leak postPetrobras is a state-owned Brazilian multinational corporation involved in the oil, gas, and energy industry. The company specializes in exploration, production, and distribution of oil, gas, and derivative products. SAExploration is an American energy company that provides seismic data acquisition services for the oil and gas industry. They specialize in deep water ocean bottom projects and challenging land operations.
The leak post
captured from the group's site© 2026, All rights reserved Citizens Bank - Database Leaked Evaluate a Norstella company - Database Leaked Studio Marchi - Studio Professionale Associato - Database Leaked Super AI - Database Leaked Complete Aircraft Group - Database Leaked Umiles Group - Database Leaked K Subsea Group - Database Leaked Parque Eólico Toabré - Database Leaked PT Brantas Abipraya - Database Leaked Straight Line Logistics - Database Leaked First Priority Group - Database Leaked Hyundai Elevator - Database Leaked UD Trucks - Database Leaked McDonalds India - Database Leaked Tsunami Tsolutions - Database Leaked Atlas Air: MUSE INSECURE - Database Leaked Iron Mountain - Database Leaked Hosowaka Micron Group - Database Leaked Shinwa Co Ltd - Database Leaked SIGMA Processing Group - Database Leaked Acu Trans Solutions LLC - Database Leaked GIBSIN Engineers - Database Leaked ASRock Rack - Database Leaked Reeves Information Technology - Database Leaked WANCHI STEEL INDUSTRIAL - Database Leaked GC Accounting - Database Leaked National Money Mart Company - Database leaked Virginia Records - Database Leaked Morgan Records Management - Database leaked ELC Electroconsult SpA - Databas…
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

