Ransomware victim disclosure
← All victimsTech Mahindra
Claimed by Worldleaks · listed 1 year ago
Status timeline
- ListedJun 27, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Jun 27, 2025
- Records
- 125.000 employees
About the victim
AI dossier — public-source company profileTech Mahindra is a global IT, BPO, and consulting services provider headquartered in India and part of the Mahindra Group. With over 125,000 employees across 90 countries, it delivers digital transformation, cloud infrastructure, data analytics, and consulting services to clients in telecom, healthcare, manufacturing, banking, and other sectors.
- Industry
- Information Technology & Business Process Outsourcing
- Employees
- 125000
Attack summary
Severity: low — No proof files, screenshots, or specific data inventory disclosed in the post. Only a listing announcement with no evidence of actual data exfiltration or encryption operational impact.The worldleaks group claims to have compromised Tech Mahindra; however, the leak post provided contains only generic company description with no specific details of the attack methodology, data exfiltrated, or operational impact.
Original description
AI-summarised, not from the leak postTech Mahindra is a leading global provider of IT, BPO and consulting services. Based in India, it is part of the Mahindra Group. With over 125,000 employees across 90 countries, it offers solutions that help clients enhance their business processes. Its offerings include customer strategy, data analytics, cloud infrastructure, and digital transformation services. They work with clients across various sectors including telecom, healthcare, manufacturing, banking and financial services.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

