Ransomware Group: DRAGONFORCE

VICTIM NAME: Grupo DIRIA

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 27, 2025, a ransomware leak post publicly identified Grupo DIRIA as a victim. Grupo DIRIA is a Costa Rican hospitality operator that manages luxury hotels and resorts in Tamarindo Beach. The description portrays the company as focused on tourism and hospitality, delivering an authentic Costa Rican experience for travelers. The post date is August 27, 2025; there is no publicly listed compromise date in the data, so the post date is treated as the publication date. The leak page notes that a claim URL is present, though the actual URL is not provided here. The entry situates Grupo DIRIA in Costa Rica (CR) and within the hospitality sector.

According to the metadata, the leak page contains no screenshots or images (images_count = 0) and no downloadable content or external links (downloads_present = false; link_count = 0). There is no ransom amount or explicit data exfiltration detail described in the available fields. No explicit impact type (Encrypted vs Data leak) is stated in the data. The page is clearly a breach announcement focusing on Grupo DIRIA; no other victims are named in the provided excerpt. Overall, the leak page lacks visible data assets in the excerpt and does not reveal exfiltrated data volumes or a ransom demand.