Ransomware victim disclosure
← All victimsSitoy Group
Claimed by Abyss · listed 4 months ago
Status timeline
- ListedMar 28, 2026
Current state: Listed for ransom
At a glance
- Group
- Abyss
- Status
- Listed for ransom
- Country
- Hong Kong
- Sector
- Manufacturing
- Listed on leak site
- Mar 28, 2026
- Data size
- 1.7TB
About the victim
AI dossier — public-source company profileSitoy Group, founded in 1968 and headquartered in Kwun Tong, Hong Kong, is one of the world's leading manufacturers of branded bridge-to-luxury handbags, small leather goods, travel goods, and footwear. The company is engaged in design, research, development, manufacturing, wholesale, and retail, and also operates as a brand distributor. It serves major global luxury and premium brands through OEM manufacturing and maintains its own retail brands.
- Industry
- Luxury Handbags & Leather Goods Manufacturing
- Address
- Kwun Tong, Hong Kong
- Founded
- 1968
Attack summary
Severity: high — The group claims exfiltration of 1.7 TB of data from a major global luxury goods manufacturer; while full data has not yet been released and content is unspecified, the scale of claimed exfiltration and the company's size and supply-chain exposure to major luxury brands represent significant business risk.The Abyss ransomware group claims to have exfiltrated 1.7 TB of uncompressed data from Sitoy Group, providing a file-listing archive as initial proof; full data and password are stated to be published at a later date.
Data the group says was taken
AI dossier — extracted from the leak post- File listing archive (sitoy.lst.7z)
- Corporate business data (unspecified, 1.7 TB)
The group's post references roughly 1 proof file.
What the group claims
Design, manufacturing, and retail data for handbags, leather goods, travel goods, and footwear products
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'sitoy.com',
'short' : 'sitoy.com 1.7Tb uncompressed data',
'full' : 'Sitoy Group <br>' +
'Founded in 1968, Sitoy Group is engaged in the design, research, development, manufacturing, sale, wholesaling, and re…Data the group says was taken
- business_data
Sources
Source
Indexed 4 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

