The Black Shrantac ransomware group, a recently identified threat actor, claims to have breached multiple companies across various sectors. The latest list of alleged victims posted by the group includes firms from Europe, Asia, and the Americas.
- M&BM, Inc (🇧🇬): A Xerox-accredited partner in Bulgaria offering Managed Print Services. (Alleged 900 GB)
- Simsek A.S. (🇹🇷): A Coca-Cola distributor operating in the İzmir and Antalya regions of Turkey since 1977. (Alleged 200 GB)
- Carvimsa (🇵🇪): A Peruvian company providing comprehensive cardboard and paper packaging solutions. (Alleged 250 GB)
- Newgen Digitalwork (🇮🇳): An Indian digital agency specializing in performance campaigns and digital transformation. (Alleged 5 GB)
- Multistate Tax (🇺🇸): A U.S.-based tax consulting firm specializing in helping businesses navigate multistate tax issues (SALT). (Alleged 50 GB)
- Liberty Shoes (🇮🇳): An international footwear brand from India with a 60-year history. (Alleged 50 GB)
According to the actor, the compromised data varies by victim but includes a wide range of sensitive personal, financial, and corporate information:
- Personal Information: Passports, insurance documents, health records, PAN cards, credit card details, and other government-issued IDs.
- Employee Data: Payroll records, payslips, contracts, salary records, bonuses, deductions, and performance data.
- Financial Data: Tax returns, balance sheets, profit & loss statements, budgets, forecasts, invoices, bank details, and client billing information.
- Corporate & Client Data: Customer lists, sales agreements, partner contracts, client tax filings, and service request details.
- Operational & Legal Data: Business continuity plans, marketing plans, non-disclosure agreements (NDAs), and litigation data.












