[TENGU] – Ransomware Victim: Al Rimal Group

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the TENGU Onion Dark Web Tor Blog page.

Ransomware group: TENGU
Victim name: AL RIMAL GROUP

AI Generated Summary of the Ransomware Leak Page

On October 23, 2025, Al Rimal Group, a United Arab Emirates–based manufacturing company specializing in food products, was listed as a victim on a ransomware leak site. The post, attributed to the TENGU group, presents Al Rimal Group as a privately held enterprise focused on the production of snacks, processed cheeses, sauces, juices, and ice cream, with a workforce of over 50 employees. The leak page frames the incident as a data breach and data leak resulting from the intrusion, aligning with double-extortion ransomware patterns where stolen data is exposed. The page includes five screenshots of internal documents to illustrate the breach, though the exact contents of the images are not described in the excerpt. The leak post lists a post date of 2025-10-23 14:55:28.517041.

According to the post, all production lines and business processes were compromised, with a substantial amount of internal data exposed. The materials claim that financial information—including production budgets, supplier contracts, export agreements, and inventory valuation reports—was compromised, alongside personal data of the company’s employees, suppliers, and distribution partners. The post provides a defanged claim URL for readers to review the material, though the exact address is not shown here. There is no explicit ransom amount or demand described in the excerpt. The five screenshots are described as internal documents used to corroborate the breach claim, with no detailed description of their contents.
