Ransomware victim disclosure
← All victimsICON International, Inc.
listed as iconinternational.com · Claimed by Chaos · listed 8 months ago
Status timeline
- ListedNov 12, 2025
- Data leakeddate unknown
At a glance
- Group
- Chaos
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Nov 12, 2025
About the victim
AI dossier — public-source company profileICON International, Inc. is a US-based corporate barter firm that provides media-backed financial solutions, helping brands transform underutilized assets into measurable growth. The company serves over 350 organizations across multiple sectors, acting as a growth partner and problem-solver. It offers solutions spanning real estate, marketing agencies, and media partnerships.
- Industry
- Corporate Barter & Media-Backed Financial Solutions
Attack summary
Severity: high — Data has been published (disclosed status: data_published) by the threat actor, indicating confirmed exfiltration. ICON serves over 350 organizations and operates in financial/barter services, meaning leaked data likely includes sensitive business and financial information from multiple client organizations.The Chaos ransomware group claims to have attacked ICON International, Inc. and has published data as part of a disclosed leak. The specific nature of exfiltrated data and whether encryption occurred is not detailed in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Business financial records
- Client organization data
- Internal corporate documents
What the group claims
ICON International, Inc. is a corporate barter firm that offers innovative solutions and strategic thinking to help brands grow and create economic value.
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

