Ransomware victim disclosure
← All victimsFUCEREP - Cooperativa de Ahorro y Crédito
listed as Fucerep · Claimed by Ransomhouse · listed 8 months ago
Status timeline
- ListedNov 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- Uruguay
- Sector
- Financial Services
- Listed on leak site
- Nov 21, 2025
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileFUCEREP is a Uruguayan savings and credit cooperative (Cooperativa de Intermediación Financiera) with over 50 years of operation, supervised by the Banco Central del Uruguay. It provides financial services including loans, savings accounts, fixed-term deposits, and credit cards to individuals and SMEs. The cooperative operates branches in Montevideo, Uruguay, and offers 24-hour digital banking through its e-FUCEREP platform.
- Industry
- Credit Union & Cooperative Financial Services
- Address
- Acevedo Díaz 1663 esq. Colonia, Montevideo, Uruguay
Attack summary
Severity: critical — 743 GB of data has been confirmed published from a regulated financial cooperative holding sensitive member PII, financial account data, and credit records — constituting large-scale exfiltration of regulated financial and personal data from a BCU-supervised institution.RansomHouse claims to have exfiltrated 743 GB of data from FUCEREP and has published the data, indicating both exfiltration and likely encryption occurred. The disclosed data volume suggests significant exposure of member and operational financial records.
Data the group says was taken
AI dossier — extracted from the leak post- Member financial records
- Loan and credit account data
- Savings account information
- Personal identification data of cooperative members
- Internal business/operational documents
- Possibly regulated financial transaction data
What the group claims
Fucerep is a cooperative focused on savings and credit services targeted at both individuals and businesses. Established in 1974, the company offers a range of financial products including personal loans, salary accounts, credit and debit cards, savings accounts, and fixed-term deposits. Its goal is to help clients save and grow their finances through various tailored financial solutions.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

