The SafePay ransomware group has allegedly launched a series of cyberattacks, adding eight new victims from around the world to its dark web leak site. The list of compromised entities is notably diverse, spanning multiple countries including Germany, the United States, the United Kingdom, and Mexico. The targets represent various sectors, from manufacturing and B2B services to online travel and even public education, highlighting the indiscriminate nature of the group’s campaigns.
The targeted organizations allegedly include prominent manufacturers, service providers, and a German secondary school. The publication of these names on the ransomware group’s portal suggests that sensitive data has been exfiltrated and that the victims have not complied with the attackers’ ransom demands. The alleged victims are as follows:
- SCHLIESSMEYER GmbH 🇩🇪: A German company specializing in plastic injection molding for the automotive, aerospace, and medical industries.
- Riverton Cabinet Company 🇺🇸: A U.S.-based custom cabinetry firm known for its craftsmanship in New Lenox, Illinois.
- Optivosa 🇲🇽: A wholesale distributor of stationery, office, and school products located in Mérida, Yucatán.
- Faltner GmbH 🇩🇪: A German supplier of agricultural and forestry equipment, established in 1946.
- Phillips 66 Lubricants 🇺🇸: A major U.S.-based manufacturer and supplier of industrial and automotive lubricants, part of the larger Phillips 66 company.
- Ferienwohnungen.de 🇩🇪: A large German online booking platform for over 77,000 holiday homes and apartments across Europe.
- Parkside Group Ltd 🇬🇧: A respected UK-based manufacturer of architectural-grade aluminium systems operating under the Comar brand.
- Johann-Peter-Hebel Realschule 🇩🇪: A secondary school in Waghäusel, Germany, providing intermediate-level education.
