Daily Dark Web
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
Daily Dark Web
No Result
View All Result
Home Ransomware News

INC Ransomware Group Breaches Omega Tool Corp and Southern Lion

November 25, 2025
Reading Time: 2 mins read
INC Ransomware Group Breaches Omega Tool Corp and Southern Lion

The INC Ransomware group claims to have breached two new organizations, posting their details and compromised data samples on their leak site. The threat actor has targeted a major industrial manufacturing firm and a prominent consumer goods company.

The latest list of alleged victims posted by the group includes:

  • Omega Tool Corp (🇲🇽): A global leader in engineering and manufacturing, specifically known for advanced plastics tooling solutions. While the company operates globally, the threat actor explicitly listed contact details for a branch in Mexico. The company serves the automotive, heavy truck, and consumer product industries.

  • Southern Lion Sdn Bhd (🇲🇾): A leading FMCG marketing company based in Malaysia. It is an equal-sharing joint venture between Lion Corporation (Japan) and Lam Soon (M) Bhd, known for marketing household and personal care products.

According to the actor, the breach involves a significant exfiltration of internal documents. For Omega Tool Corp specifically, the group claims to have acquired approximately 24.7 GB of data. The proof-of-compromise documents released by the group suggest the following types of information have been exposed:

  • Personal Identification Information (PII): Scans of employee passports and identification cards.

  • Technical Intellectual Property: Detailed engineering schematics, robot base drawings, and system integration plans.

  • Internal Compliance Documents: Biological safety cabinet test certificates and product verification reports.

  • Operational Procedures: Departmental record retention tables and internal product test method instructions (e.g., for specific consumer brands like “Mama Lemon”).

  • Company Metrics: Internal references to revenue and employee counts.

Tags: cyberattackdata-breachFMCGINC ransomwareMalaysiaManufacturingMexicoOmega Tool CorpPII LeakSouthern Lion Sdn Bhd
ShareTweet

Related Posts

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal
Ransomware News

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal

April 27, 2026
Narteks Tekstil A.S. Suffers Krybit Ransomware Attack
Ransomware News

Narteks Tekstil A.S. Suffers Krybit Ransomware Attack

April 27, 2026
Synmosa Biopharma Hit by Dragonforce Ransomware Attack
Ransomware News

Synmosa Biopharma Hit by Dragonforce Ransomware Attack

April 27, 2026
K2 Electric Inc Targeted in Genesis Ransomware Attack
Ransomware News

K2 Electric Inc Targeted in Genesis Ransomware Attack

April 22, 2026
Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup
Ransomware News

Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup

April 22, 2026
Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk
Ransomware News

Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk

April 22, 2026
Next Post
Fianzas Avanza Data Breach Exposes 90,000 Financial Documents

Fianzas Avanza Data Breach Exposes 90,000 Financial Documents

Medusa Ransomware Attack Hits Brazilian University USCS and Staffing Firm WR Commercial

Medusa Ransomware Attack Hits Brazilian University USCS and Staffing Firm WR Commercial

Recommended Stories

Iran’s Nuclear Program Data Allegedly Breached – 25 GB of Sensitive Information For Sale

Iran’s Nuclear Program Data Allegedly Breached – 25 GB of Sensitive Information For Sale

June 24, 2025
Threat Actor Offers Unauthorized VPN Access of $3 Billion Chinese Telecommunication Company

Threat Actor Offers Unauthorized VPN Access of $3 Billion Chinese Telecommunication Company

March 27, 2024
SnowSoul Attack Hits Multiple Chinese Organizations

SnowSoul Attack Hits Multiple Chinese Organizations

April 2, 2026

Popular Stories

  • SudamericaData Breach Exposes Over 1TB of Argentine Records

    SudamericaData Breach Exposes Over 1TB of Argentine Records

    0 shares
    Share 0 Tweet 0
  • Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records

    0 shares
    Share 0 Tweet 0
  • SUUMO, CHINTAI, At Home, HOME’S Suffer Data Breach

    0 shares
    Share 0 Tweet 0
  • Financial Tech Giant SilverLake Axis Allegedly Breached – 423GB of Data for Sale

    0 shares
    Share 0 Tweet 0
  • Telekom Serbia Investigates Leak of 160,000 Customer Records

    0 shares
    Share 0 Tweet 0
Daily Dark Web

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

No Result
View All Result
  • About Us
  • Home
  • Newsletter
  • Privacy Policy

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?