The Sinobi ransomware group claims to have breached two new organizations, listing them on their dark web leak site today. The group, which typically employs double-extortion tactics, has posted countdown timers for both victims, threatening to publish sensitive data if their demands are not met.
The latest list of alleged victims posted by the group includes:
-
Croft (🇺🇸): A leading manufacturer of vinyl and aluminum windows and doors based in McComb, Mississippi. Established in 1920, the company is a major supplier in the U.S. construction and home improvement market.
-
Changepond (🇮🇳): A software and digital solutions company headquartered in Siruseri, Chennai. Founded in 2000, the firm provides enterprise software and data solutions to global clients.
According to the actor, a significant amount of sensitive internal information was exfiltrated from both companies. The allegedly compromised data includes:
-
From Croft (100 GB):
-
Financial data
-
Confidential internal documents
-
Incident reports
-
-
From Changepond (450 GB):
-
Customer data
-
Contracts
-
Financial data
-
Confidential business information
-












