NEW: RansomedVC is back — and is still attacking its competitors:

https://databreaches.net/2025/07/17/ransomedvc-is-back-and-is-still-attacking-its-competitors/

RansomedVC has a history of leaking its competitors' data. Heck, they even leaked their own to get attention. Now they're back, and one of their first targets was the Medusa ransomware gang.

#databreach #ransomware #SnapAv #SnapOne #Medusa #RansomedVC

@amvinfe

@cR0w I had interviewed RansomedVC back in 2023 when he was under other monikers (including "Impotent" of Exposed[.]vc). He was always clear about how he'd go after competitors. It seems like he's back and picking up where he left off.

#ransomware #RansomedVC #Reborn

@screaminggoat

Yes, I reported on it here:
Developing: Brazilian hacker known as “USDoD” arrested by federal police

https://databreaches.net/?p=117212

I had just heard from him this morning, probably within an hour or so of the time he was arrested. He had no idea this was coming. None. He did not think that the Brazilian federal police had any charges against him at all from what his lawyer had been told after he was doxed.

I would point out that in August, when he was doxed, he said that he was retiring and getting out. If he was still working for kmeta[.]vc as of this morning, he hadn't gotten out.

@campuscodi @briankrebs

#hack #arrest #USDoD #EquationCorp #ransomedvc #kmeta #LuanBG #NetSec

“Sadly for the feds I have not been arrested” – RansomedVC

The threat actor known as Kmeta, Impotent, RansomedVC has issued a statement saying that he has not been arrested and is not Teodor Iliev, the 21-year-old arrested and accused of being Emil Kyulev.

https://databreaches.net/2024/07/02/sadly-for-the-feds-i-have-not-been-arrested-ransomedvc/

And yeah, I can confirm that. Iliev is in custody, and I've been chatting with RansomedVC over the past few days about the arrest.

#Magadans #EmilKülev #EmilKyulev #Kmeta #Impotent #RansomedVC #arrest

@BleepingComputer @campuscodi @DarkWebInformer @aj_vicens @allan

“Il n’y a eu aucune perturbation” : #ColonialPipeline réfute la cyber-attaque de #RansomedVC !

https://blog.sosordi.net/2023/10/il-ny-a-eu-aucune-perturbation-colonial-pipeline-refute-la-cyber-attaque-de-ransomedvc.html

#securite #data #ransomware #vieprivee #chiffrement

UPDATE: D.C. Board of Elections data breach contained fewer than 4,000 D.C. voters' data:

https://www.databreaches.net/update-d-c-board-of-elections-data-breach-contained-fewer-than-4000-d-c-voters-data/

#RansomedVC had claimed 600k data records, where each line was a complete record, but it seems that only 4k of those records were from registered D.C. voters. Not yet clear what the other records were from.

#GovSec #databreach #vendor

#RansomedVC had claimed to have voter registration data on 600k voters from the D.C. Board of Education.

In an update today, DCBOE indicated that results of preliminary analyses indicated that data from fewer than 4,000 voters was involved.

That's a big difference. I'm trying to get an explanation or more details from their forensics from DCBOE and will try to update later.

Their statement was posted an image file on their FB page. Text detected for part of p.1 and all of p. 2.

@brett @allan

#databreach #infosec #cybersecurity #transparency #publicrecords

Sony case, Ransomedvc: “MajorNelson and IntelBroker are the same person”

https://www.suspectfile.com/sony-case-ransomedvc-majornelson-and-intelbroker-are-the-same-person/

#RansomedVC #BlackForums #RaidForums #BreachForums #DataBreach