Ransomware victim disclosure
← All victimsTriple Jump Group
listed as Triple Jump · Claimed by Ransomhouse · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- Serbia
- Sector
- Financial Services
- Listed on leak site
- May 16, 2025
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileTriple Jump Group is a private Serbian company headquartered in Novi Beograd that distributes and franchises leading global brands in sports (Converse), fashion (Lindex, Max&Co.), and cosmetics (The Body Shop). The group also operates hospitality assets including a hotel (Jump Inn) and food/beverage venues in Belgrade and Kragujevac, plus real estate operations through subsidiary companies Čelik and DelFer.
- Industry
- Distribution & Retail Franchising (Sports, Fashion, Cosmetics)
- Address
- Milutina Milankovića 7g, 11070 Novi Beograd, Serbia
Attack summary
Severity: high — Confirmed exfiltration of 743 GB of data from a multi-national distribution and franchising operation handling customer PII, financial records, and business-critical franchise agreements across seven countries; operational disruption to retail and hospitality operations.Ransomhouse claims to have encrypted Triple Jump Group's systems on 19 December 2025 and exfiltrated 743 GB of data. The group advertises the victim alongside multiple other companies in a leak index, indicating data exfiltration and operational encryption.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations records
- Financial data
- Customer information
- Employee records
- Franchise agreements
- Corporate communications
What the group claims
Triple Jump was registered under its current name in Belgrade in 2005.The management of the company consists of personnel selected at the beginning of their business careers (mainly trainees) who are now specialists and have 10 to 20 years of experience in the most modern business management methodology. The result of their knowledge and work is the introduction to the Serbian market of such brands as Nike, Mexx, Zara, Escada, and others.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

