Ransomware victim disclosure
← All victimsRetemex
Claimed by Ransomexx · listed 2 years ago
Status timeline
- ListedSep 14, 2024
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileRetemex is a virtual mobile operator in Mexico providing mobile services over the country's 4G LTE network. They offer prepaid plans with data, calls, SMS, and international roaming, marketed through eSIM and traditional SIM channels.
- Industry
- Telecommunications – Virtual Mobile Operator (VMO)
Attack summary
Severity: critical — Confirmed exfiltration of PII at scale (24,883 customer records) with plaintext passwords, which enables account takeover and fraud against mobile subscribers in Mexico.Ransomexx claims to have exfiltrated customer data from Retemex, including plaintext passwords for approximately 24,883 client accounts. The group has published this data.
Data the group says was taken
AI dossier — extracted from the leak post- customer account records
- plaintext passwords
- client contact information
What the group claims
Retemex is a virtual mobile operator in Mexico, operating on the country’s 4.5G LTE network. 24883 clients data even with PLAINTEXT PASSWORDS!
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

